last executing test programs: 4m11.394553989s ago: executing program 0 (id=8431): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='fd\x00') getdents64(r0, 0xffffffffffffffff, 0x43) 4m11.161782723s ago: executing program 0 (id=8434): r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000cc0)={0x1, @pix_mp={0x0, 0x0, 0x20323159, 0x0, 0x0, [{}, {0xfffffffe}, {}, {}, {0x4, 0xffff}], 0x0, 0x0, 0x7, 0x0, 0x6}}) 4m10.905453207s ago: executing program 0 (id=8439): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffb}, [@call={0x85, 0x0, 0x0, 0x41}, @call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 4m10.67618223s ago: executing program 0 (id=8442): syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000300)='./file0\x00', 0x2000004, &(0x7f0000000500)=ANY=[@ANYBLOB="00e3078fbb81fca067351e718b1742354077ee6bdefb8addaf7c0c235850b66dac0ba564a370a77264f1a57d44c84efc49fa6c64b9351ea8fd59a458a7791fedcc466b0eab6ca6dd32fcc642517fa3219450b91e3118bf2b9d3cfa562ea44c058252d29181c81c637c6ba7d179122eee61e5c9f68165b6abd469da8d90c0632f7265bb040411d5748c475bb33a7ce77afb2ea533f1653d8cb67dad989bb0a1c16881f0d91d6cbd3751c289aecf4a00"/185, @ANYBLOB="b12398658f5ec6488081d04c33b5a507b1cac8c4376c1895046a1e6e068e53d002eb4279796b4c014f4febee026f87bd0eea7d27598f7ff2687552fdd651", @ANYRESOCT=0x0, @ANYRES64], 0x1, 0x497, &(0x7f0000002480)="$eJzs281vG8Ufx/HPbGJnk/b3w31yC6qEJSSKiiix05I+gRRa0iL1gbYJAqEWhcYJVhMnitOqraCtxKFHoEggJA7l0AtCVZHgAgcOcOM/4MKtBy6YEycQms2sd+26JK0fEjfvl5R4vPv17uzM7OysdywAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACC9/MpQf9Ysdy4AAEA7HTt1sj/H9R8AgFVlhPt/AACA1cTI0ycy+uHTsjkavF/gHykUz18cPThc/2O9JvhkVxBv//xsbmDnrhcGd4ev//35Zntcx0+NDGUOzEzPzuVLpfx4ZrRYODsznl/yFhr9fK3tQQFkps+dH5+YKGVyOwaqVl9M3e1Zk07tG0zvfzqMHT04PHwqFtOdeOi93+N+I/ykPF2XUfnj2+aYJE+Nl8UibafVeoOD2B4cxOjB4eBApgpjxXm70oQF4VWXSTIsozbURUM2SjZfJtmce7aEPJVktCldNscldYXl8GzwxfDiG/Cako0HZvN5WlJGHVBnK1iPPO2S0Y09Kb1myyys/27p/eXOHFquW55uy2jbS2VzIugP7Plku80jr2deLU7MxGKNcWdUp18f2mmF902+PB0LzviyObncmUHb2cHSaRntHLkQjCsUjEsf2zd46PBIfISxeZHt2NgdLr2Ua3IiNnQwyzSGAAAAAAAAAB51vvGC7+I+/8YP3mfcMyCsEsbT8zL683A5eDQen5fQFZvfUdHpz35am/9e/8DM7KW5wuS783XX9/lD75Tm58bO1l+tXnvyVX0dvtg8hgYljKfdMrr6z51ovylj064biHZ0a3+UN9/UrA3azf8X5rOEzxD2Dm+Op+tm+QGej6XcfumfgOYwxtOQjCa+3+LmfvTpnj7IxX0roz9ubnVxXtIGhadpKvjvTxSm8v029icZffl3GBtMM9MaF7shis3aWE9GHx2tjl3rYjdGsTkbe0hGP5+pH7spih2wsR/IaPb3TBjbZ2OfdLHpKHbH2Zmp8ZYV8Apn+/8rMlr/YsaEdenKy3WzXZXYW+9F/f212g3dp89vtP9PxZZdc+3wrm2vZ7YEbS9or1799npdRl9/t9XFLbSVpFu/Lvgftdc3ZDT5S3Vsn4tdH8Vml1ywHcLW/9syyhXvVMrG1b+rgdj1P1b/T9S2jhbV/7rYspTbb09zDh2SSpcunxubmsrPkSBBYgmJHq2IbCySCPvlh9/OMndMaAt7/f9MRm+e+LUy3nHXfzesjsZ/f12Jrv97azfUouv/+tiyvW40kuiW/Pnp2URa8kuXLj9XmB6bzE/miwO57J7+PTsHs4lkOLaLUg0X1SMp4e7VLnz4VeX+rHr8V3/831e7oRbV/waXzXCfUSfVlMNf9Wz9/yajt368U7mPtvV/sxJRPf4P77OeeWrhtXJ+tqj+N8aWpdx+/9eE4wYAAAAAAAAAAAAAAACATpcwnm7IyD/dbcLfRi1l/t89P5hq0fyvdGzZeJt+r9BwoQJAB/Dk6QsZbVPZXLUL1kpH4694pP0bAAD//3VdHM0=") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 4m10.219030838s ago: executing program 0 (id=8445): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) landlock_restrict_self(0xffffffffffffffff, 0x0) 4m9.523623309s ago: executing program 0 (id=8454): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="200000006a00010000000000fbdb09000000000000000000080001"], 0x20}}, 0x4) 4m9.218312344s ago: executing program 32 (id=8454): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="200000006a00010000000000fbdb09000000000000000000080001"], 0x20}}, 0x4) 2.23455332s ago: executing program 4 (id=12499): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000140)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x11, 0x30, 0x30, 0x0, @in={0x2, 0x4e21, @private=0xa010101}, @ib={0x1b, 0x5, 0x9, {"68136799329eea9ae450e24bbb247512"}, 0x6, 0x1e2ec6a2, 0x5a}}}, 0x118) 2.000112396s ago: executing program 4 (id=12505): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020200600000000000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b0000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x18) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 1.817454878s ago: executing program 4 (id=12510): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f0000000100)={0x4, 0x0, 0x4, 0x0, 0x4002}) 1.589315983s ago: executing program 4 (id=12515): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000640)=@newlink={0x40, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4048b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @broadcast}, @IFLA_IPTUN_LOCAL={0x8, 0x2, @loopback}]}}}]}, 0x40}}, 0x0) 1.33061193s ago: executing program 4 (id=12520): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000980)=@newtaction={0x50, 0x30, 0x9, 0x0, 0x0, {}, [{0x3c, 0x1, [@m_mpls={0x38, 0x1, 0x0, 0x0, {{0x9}, {0xc, 0x2, 0x0, 0x1, [@TCA_MPLS_TTL={0x5}]}, {0x4, 0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x0) 1.33015669s ago: executing program 1 (id=12521): r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x5, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000180)={0x4, 0x1, 0x80, "69b400020202070074f6024305f11fd3454ad200", 0x34325842}) 1.211721888s ago: executing program 4 (id=12523): r0 = syz_usb_connect(0x5, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b0001000000000904080001030000000905", @ANYBLOB="8fcfd0"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) 1.134574664s ago: executing program 1 (id=12526): syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000440)=ANY=[], 0x1, 0x317, &(0x7f0000000840)="$eJzs3T1v00AYB/D/nZ3WpVExaRESC6hQCZaKAgNioUJZkRiZEJCkUoRVRFskYCFUjIgPwM5X4EOwgPgCwMLExpLN6M5nx07OzouSuqH/n9TKPvuxn8Nvz1miBhGdWHfrPz7d+K1+BODAAXAbkAA8wAVwFue8F7sH7YOg1SzakKMj1I9AFCkG1mnstmyhKk5HGL6ac1FNt9FshGG4/bPsJKh0+uq3kMCiuQ71cu+I85oW07nFeL4DXCgxnVKkD7DowsdLrJSYDhERHQPm+S/NY6KqmwSkBDbMY3+un//9umUnMF03g4GmsDBAdNE1z39d3YVCHd/TelFvvKeHcGq5jEeJoyRT6ZtfQHRmZQpMYR9V/gojJhe5tNN2sdl4i6bEIe4YqYA1/bsZnbqxIdmuW8ameVTFmLu1Cu6dinqjKsql/sVxSjvtoKUrT0v+q7adjvOvPS7xRXwTD4WHj2gm9Z8b/lWHSR8pv+9IyYrK/1r+Fpd1lFpLdVlE/ZSZVc7onZw3ezCG9NKzj0jS24xfEHSSDCx5HsYTet81ZF8rRL3bsu1A9Da+aovyk7nBWL2vtUyUY86EzcazoPBVymzEXRQfxAOxjj/4jHqq/pcqvw2krsyiW73Qa5ozI+rPgn1NV6/pDzw5OsnUxSQDY3HsvhEw5tuy93iCW1jZf/X6qRMErT018dgy8by6J0xL5R1gXWeEifiGO2G4g4J10Om16IfHmzAcdcvhZPmMNnF1gqiF3EXq/pG0qMvHFq6usqRFzqhfJ2jChW1R/SuKTsiZTsRX0pjhnnWRKrRyoqZ+f6JjaF/EB900DBSx9J9TdZeIxn+6kjdVnb7PqF/+feTW6SGw3dfUycyltriVjOCypWDNVrsMGRss54/gUnu8njNm1GOuS1eAy6lGkd9L6Aq2lrfHeSTq+I5HfP9PRERERERERERERERERERERERERDRvjuJ/LJTdRyIiIiIiIiIiIiIiIiIiIiIiIiIiIiKieTf693+Xel9qsv2NeP39X3/o938zHwA2H4ri93+JyvEvAAD//9w5d8M=") renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./bus\x00', 0x0) 1.069493178s ago: executing program 3 (id=12527): setresuid(0xee00, 0xee00, 0xee01) setfsuid(0xee01) 999.020283ms ago: executing program 5 (id=12529): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x7, [@func_proto={0x0, 0x0, 0x0, 0xd, 0xa}, @enum={0x0, 0x2, 0x0, 0x6, 0x4, [{0x5, 0x1ff}, {0x1, 0x6}]}]}, {0x0, [0x2e, 0x30, 0x0, 0x61, 0x61]}}, &(0x7f0000000f40)=""/4089, 0x47, 0xff9, 0x1}, 0x28) 923.776038ms ago: executing program 3 (id=12530): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000040)) 903.848419ms ago: executing program 2 (id=12531): r0 = socket(0x2, 0x80805, 0x0) sendmmsg$inet_sctp(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="2000000000000000840000000200000006000400080000000bf60b3a6ed7"], 0x20, 0x24048844}], 0x1, 0x0) 900.23919ms ago: executing program 1 (id=12532): r0 = socket(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0xd1, 0x0, 0x4) 802.035076ms ago: executing program 5 (id=12533): r0 = socket$rxrpc(0x21, 0x2, 0xa) connect$rxrpc(r0, &(0x7f00000001c0)=@in4={0x21, 0x3, 0x2, 0x4, {0x2, 0x4e21, @local}}, 0x24) 801.599086ms ago: executing program 1 (id=12534): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x2c, 0x10, 0x21, 0x0, 0x0, {0x3}, [@nested={0x18, 0x1, 0x0, 0x1, [@typed={0x14, 0x0, 0x0, 0x0, @ipv6=@mcast2}]}]}, 0x2c}}, 0x0) 681.378174ms ago: executing program 1 (id=12535): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000180)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x12, 0x0, 0x8, 0x0, 0x8000000, 0x0, 0x0, 0xfffffffe, 0x4}}) 680.962704ms ago: executing program 2 (id=12536): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000140)='./file2\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYRES16=0x0, @ANYRESOCT, @ANYRES8=0x0, @ANYBLOB="b71fe84fda50cf6fbefac5a5891d03a05027c0e6658ea94f09636160112a47b688552b72051bf0111daffbe0adef82589ee2fac726c31d20f98aa1f9761873cd604dab0d22b4b321f4c20044c5a8e018b51e52342814e4c33a7f4807781862b524b303c604203d95ef2faa04cfd7ddc4f2edca0adeae0088a8e16969e9000a6a9d85bf9d4ee333cf03763ad6506f66797f154f0923a63f106d908d1cf2a884e57ab63950b9883c40449a94847df80ca39e9394f8de077bfd7f0c81e773158bd33c339a0f92997d172adcde0c53c97cce8a0f42c862a0c88c9a25ccf6799b85dadc245f608d6cb5ded47e4a20ad821132952cc1884e1473794144bbd01594b306a04fc39f13202b4447f8bbccc51a6c4b555b46a2df7f0fe979ef6c31ef8c81a81c26e71f96ea1d8ed245277259bdf970db1f41c75d8384b6b23cf44e9b04527874daf6c34e4deda0da670addd7c8f5eab4410908517c88940d", @ANYRES16], 0xfe, 0x1518, &(0x7f00000022c0)="$eJzs3AuYjtX6MPB1r7UehqS3SQ7Dutf98KbBMkmSQ0IOSZIkSU4JSZMkCYkhp6QhCTlOmhyGkBymMWmcz4eckyZbmiQJySlZ38Vub7uv/W/v/7f39/e/9ty/61rXrPt93nu99zP3XPOu55lr3u96jqrXon7tZkQk/iXw5y9JQogYIcQwIcR1QohACFEptlLspeP5FCT9ay/C/r0eTrvaFbCrifufu3H/czfuf+7G/c/duP+5G/c/d+P+527cf8Zys22zi13PI/cOvv+fm/H7/3+QnPKTv9pQ/sZe/40U7n/uxv3P3bj/uRv3P3fj/udu3P//fLX+4Bj3P3fj/jOWm/31XvAF7/3/gvvRPP5nx9X++WOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxljuc9VdoIcRf5le7LsYYY4wxxhhjjP37+LxXuwLGGGOMMcYYY4z9/wdCCiW0CEQekVfEiHwiv7hGFBDXioLiOhER14tYcYMoJG4UhUURUVQUE3GiuCghjEBhBYlQlBSlRFTcJEqLm0W8KCPKinLCifIiQdwiKohbRUVxm6gkbheVxR2iiqgqqonq4k5RQ9wlaopaora4W9QRdUU9UV/cIxqIe0VDcZ9oJO4XjcUDool4UDQVD4lm4mHRXDwiWohHRUvxmGglWos2oq1o9/+U/5LoK14W/UR/kSQGiIHiFTFIDBZDxFAxTLwqhovXxAjxukgWI8Uo8YYYLd4UY8RbYqwYJ8aLt8UEMVFMEpPFFDFVpIh3xDTxrkgV74npYoaYKWaJNDFbzBHvi7linpgvPhALxIdioVgkFoslIl18JDLEUpEpPhbLxCciSywXK8RKsUqsFmvEWrFOrBcbxEaxSWwWW8RWsU18KraLHWKn2CV2iz1ir/hM7BOfi/3iC5Etvvxv5p/5v/J7gQABEiRo0JAH8kAMxEB+yA8FoAAUhIIQgQjEQiwUgkJQGApDUSgKcRAHJaAEICAQEJSEkhCFKJSG0hAP8VAWyoIDBwmQABXgVqgIFaESVILKUBmqQFWoCtWhOtSAGlATakJtqA11oA7Ug3pwD9wD90JDaAiNoBE0hsbQBJpAU2gKzaAZNIfm0AJaQEtoCa2gFbSBNtAO2kF7aA8doAN0gk7QGTpDF+gCiZAIXaErdINu0B26Qw/oAT2hJ/SC3tAbXoKX4GV4GfpDHTkABsJAGASDYAgMhaHwKgyH1+A1eB2SYSSMgjfgDXgTxsBpGAvjYDyMhxpyIkyCyUByKqRACkyDaZAKqTAdZsAMmAVpMBvmwByYC/NgHnwAC+BD+BAWwSJYAumQDhmwFDIhE5bBGciC5bACVsIqWA2rYC2sg7WwATbCBtgMm2ErbIVP4VPYATtgF+yCPbAHPoPP4HP4HJIhG7LhAByAg3AQDsEhyIEcOAyH4QgcgaNwFI7BMTgOJ+AknIBTcApOwxk4C2fhPJyHC/BC3DfN95RZnyzkJVpqmUfmkTEyRuaX+WUBWUAWlAVlREZkrIyVhWQhWVgWlkVlURkn42QJWUKiREkylCVlSRmVUVlalpbxMl6WlWWlk04myARZQVaQFWVFWUneLivLO2QVWVV2dNVldVlDdnI1ZS1ZW9aWdWRdWU/Wl/VlA9lANpQNZSPZSDaWjWUT+aBsKgfAEHhYXupMCzkSWspR0Eq2lm1kW/kmPC7byzHQQXaUneSTchyMhS6yvUuUz8iuchJ0k8/JyfC87CGnQk/5ouwle8s+8iXZV3Zw/WR/OR0GyIFyFgySg+UQOVTOhbryUsfqyddlshwpR8k35BJ4U46Rb8mxcpwcL9+WE+REOUlOllPkVJki35HT5LsyVb4np8sZcqacJdPkbDlHvi/nynlyvvxALpAfyoVykVwsl8h0+ZHMkEtlpvxYLpOfyCy5XK6QK+UquVqukWvlOrlebpAb5Sa5WW6RW+U2+ancLnfInXKX3C33yL3yM7lPfi73yy9ktvxSHpB/kgflV/KQ/FrmyG/kYfmtPCK/k0fl9/KY/EEelyfkSfmjPCV/kqflGXlWnpPn5c/ygvxFXpReCgVKKqW0ClQelVfFqHwqv7pGFVDXqoLqOhVR16tYdYMqpG5UhVURVVQVU3GquCqhjEJlFalQlVSlVFTdpEqrm1W8KqPKqnLKqfIqQd2iKqhbVUV1m6qkbleV1R2qiqqqqqnq6k5VQ92laqpaqra6W9VRdVU9VV/doxqoe1VDdZ9qpO5XjdUDqol6UDVVD6lm6mHVXD2iWqhHVUv1mGqlWqs2qq1qpx5X7dUTqoPqqDqpJ1Vn9ZTqop5WieoZ1VU9q7qp51R39bzqoV5QPdWLqpfqrfqoX9RF5VU/1V8lqQFqoHpFDVKD1RA1VA1Tr6rh6jU1Qr2uktVINUq9oUarN9UY9ZYaq8ap8eptNUFNVJPUZDVFTVUp6h01Tb2rUtV7arqaoWaqWSpNzVZDfl1p/j+R/+7fyR9x+dW3qm3qU7Vd7VA71S61W+1Re9VetU/tU/vVfpWtstUBdUAdVAfVIXVI5agcdVgdVkfUEXVUHVXH1DF1XJ1Q59SP6pT6SZ1WZ9QZdU6dV+fVhV+/B0KDllpprQOdR+fVMTqfzq+v0QX0tbqgvk5H9PU6Vt+gC+kbdWFdRBfVxXScLq5LaKNRW0061CV1KR3VN+nS+mYdr8vosrqcdrq8TtC3/Mv5/6i+drqdbq/b6w66g+6kO+nOurPuorvoRJ2ou+quupvuprvr7rqH7qF76p66l+6l++g+uq/uq/vpfjpJJ+mB+hU9SA/WQ/RQPUy/qofr4XqEHqGTdbIepUfp0Xq0HqPH6LF6rB6vx+sJeoKepCfpKXqKTtEpepqeplN1qp6up+uZeqZO02l6jp6j5+q5er6erxfoBXqhXqgX68U6XafrDJ2hM3WmXqaX6Sy9XC/XK/VKvVqv1mv1Wr1er9cb9Ua9WW/WWXqb3qa36+16p96pd+vdeq/eq/fpfXq/3q+zdbY+oA/og/qgPqQP6Rydow/rw/qIPqKP6qP6mD6mj+vj+qQ+qU/pU/q0Pq3P6rP6vD6vL+gL+qK+eGnbF8hABjrQQZ4gTxATxAT5g/xBgaBAUDAoGESCSBAbxAaFghuDwkGRoGhQLIgLigclAhNgYAMKwqBkUCqIBjcFpYObg/igTFA2KBe4oHyQENwSVAhuDSoGtwWVgtuDysEdQZWgalAtqB7cGdQI7gpqBrWC2sHdQZ2g7l/+DhXcGzQM7gsaBfcHjYMHgibBg0HT4KGgWfBw0Dx4JGgRPBq0DB4LWgWtgzZB26DdP7t+UC+oH9wTNPjD9b0/XeQJ18/0N0lmgBloXjGDzGAzxAw1w8yrZrh5zYwwr5tkM9KMMm+Y0eZNM8a8ZcaacWa8edtMMBPNJDPZTDFTTYp5x0wz75pU856ZbmaYmWaWSTOzzRzzvplr5pn55gOzwHxoFppFZrFZYtLNRybDLDWZ5mOzzHxissxys8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMp2a72WF2ml1mt9lj9prPzD7zudlvvjDZ5ktzwPzJHDRfmUPma5NjvjGHzbfmiPnOHDXfm2PmB3PcnDAnzY/mlPnJnDZnzFlzzpw3P5sL5hdz0fhLm/tLb++oUWMezIMxGIP5MT8WwAJYEAtiBCMYi7FYCAthYSyMRbEoxmEclsASeAkhYUksiVGMYmksjfEYj2WxLDp0mIAJWAErYEWsiJWwElbGylgFq2A1rIZ34p14F96FtbAW3o13Y12si/WxPjbABtgQG2IjbISNsTE2wSbYFJtiM2yGzbE5tsAW2BJbYitshW2wDbbDdtge22MH7ICdsBN2xs7YBbtgIiZiV+yK3bAbdsfu2AN7YE/sib2wF/bBPtgX+2K/c/0wCZNwIA7EQTgIh+AQHIbDcDgOxxE4ApMxGUfhKByNo3EMjsGxOA7H49s4ASfiJJyMU3AqpmAKTsNpmIqpOB2n40yciWmYhnNwDs7FuTgf5+MCXIALcSEuxsWYjumYgRmYiZm4DJdhFmbhClyBq3AVrsE1uA7X4QbcgJtwE27BLbgNt+F23I47cSfuxt24F/fiPtyH+3E/ZmM2HsADeBAP4iE8hDmYg4fxMB7BI3gUj+IxPIbH8TiexJN4Ck/haTyNZ/Esnsef8QL+ghfRY4yVIr+9xhaw19qC9jobY/PZv42L2mI2zha3JayxhW2R38RorY23ZWxZW846W94m2Ft+F1exVW01W93eaWvYu2zN38UN7L22ob3PNrL32/r2nt/Eje0Dtol91Da1j9lmtrVtbtvaFvZR29I+ZlvZ1raNbWs726dsF/u0TbTP2K722d/FGXapXWfX2w12o91nP7dn7Tl7xH5nz9ufbT/b3w6zr9rh9jU7wr5ukxuN/G1sR9rx9m07wU60k+xkO8VO/V08086yaXa2nWPft3PtvN/F6fYju8Bm2oV2kV1sl1yOL9WUaT+2y+wnNssutyvsSrvKrrZr7Nq/1rrSbrZb7Fa7135mt9sddqfdZXfbPZfjS+ex335hs+2X9rD91h60X9lD9qjNsd9cji+d31H7vT1mf7DH7Ql70v5oT9mf7Gl75vL5Xzr3H+0v9qL1VhCQJEWaAspDeSmG8lF+uoYK0LVUkK6jCF1PsXQDFaIbqTAVoaJUjOKoOJUgQ0iWiEIqSaUoSjdRabqZ4qkMlaVy5Kg8JdAtVIFupYp0G1Wi26ky3UFVqCpVo+p0J9Wgu6gm1aLadDfVobpUj+rTPdSA7qWGdB81ovupMT1ATehBakoPUTN6mJrTI9SCHqWW9Bi1otbUhtpSO3qc2tMT1IE6Uid6kjrTU9SFnqZEeoa60rPUjZ6j7vQ89aAXqCe9SL2oN/Whl6gvvUz9qD8l0QAaSK/QIBpMQ2goDaNXaTi9RiPodUqmkTSK3qDR9CaNobdoLI2j8fQ2TaCJNIkm0xSaSin0Dk2jdymV3qPpNINm0ixKo9k0h96nuTSP5tMHtIA+pIW0iBbTEkqnjyiDllImfUzL6BPKouW0glbSKlpNa2gtraP1tIE20ibaTFtoK22jT2k77aCdtIt20x7aS5/RPvqc9tMXlE1f0gH6Ex2kr+gQfU059A0dpm/pCH1HR+l7OkY/0HE6QSfpRzpFP9FpOkNn6Rydp5/pAv1CF8mTCCGUoQp1GIR5wrxhTJgvzB9eExYIrw0LhteFkfD6MDa8ISwU3hgWDouERcNiYVxYPCwRmhBDG1IYhiXDUmE0vCksHd4cxodlwrJhudCF5cOE8JawQnhrWDG8LawU3h5WDu8Iq4RVw0fvrx7eGdYI7wprhrXC2uHdYZ2wblgvrB/eEzYI7w0bhveFjcL7w4rhA2GT8MGwafhQ2Cx8OGwePhK2CB8NW4aPha3C1mGbsG3YLnw8bB8+EXYIO4adwifDzuFTYZfw6TAxfCbsGj77D48nhQPCgeEr4Suh9/epxdEl0fToR9GM6NJoZvTj6LLoJ9Gs6PLoiujK6Kro6uia6Nrouuj66Iboxuim6ObolujWqPf18woHTjrltAtcHpfXxbh8Lr+7xhVw17qC7joXcde7WHeDK+RudIVdEVfUFXNxrrgr4YxDZx250JV0pVzU3eRKu5tdvCvjyrpyzrnyLsG1de1cO9fePeE6uI6uk3vSPemeck+5p93T7hnX1T3rurnnXHf3vOvhXnAvuBddL9fb9XEvub7uZdfP9XdJLskNdAPdIDfIDXFD8vy6B3Mj3AiX7JLdKDfKjXaj3Rg3xo11Y914N95NcBPcJDfJTXFTXIpLcdPcNJfqUt10N93NdDNdmktzc9wcN9fNdfPdfLcgfoFb6Ba6xW6xS3fpLsNluEyX6Za5ZS7LZbkVboVb5Va5NW6NW+fWuQ1ug9vkNrktbovb5ra57W672+l2ut1ut9vr9rp9bp/b7/a7bJftDrgD7qA76A65r12O+8Yddt+6I+47d9R97465H9xxd8KddD+6U+4nd9qdcWfdOXfe/ewuuF/cReddSuSdyLTIu5HUyHuR6ZEZkZmRWZG0yOzInMj7kbmReZH5kQ8iCyIfRhZGFkUWR5ZE0iMfRTIiSyOZkY8jyyKfRLIiyyMrIisjqyKrI94X3x76kr6Uj/qbfGl/s4/3ZXxZX847X94n+Ft8BX+rr+hv85X87b6yv8NX8VV9Nf+Yb+Vb+za+rW/nH/ft/RO+g+/oO/knfWf/lO/in/aJ/hnf1T/ru/nnfHf/vO/hX/A9/Yu+l+/t+/iXfF//su/n+/skP8AP9K/4QX6wH+KH+mH+VT/cv+ZH+Nd9sh/pR/k3/Gj/ph/j3/Jj/Tg/3r/tJ/iJfpKf7Kf4qT7Fv+On+Xd9qn/PT/cz/Ew/y6f52X6Of9/P9fP8fP+BX+A/9Av9Ir/YL/Hp/iOf4Zf6TP+xX+Y/8Vl+uV/hV/pVfrVf49f6dX693+A3+k1+s9/it/pt/lO/3e/wO/0uv9vv8Xv9Z36f/9zv91/4bP+lP+D/5A/6r/wh/7XP8d/4w/5bf8R/54/67/0x/4M/7k/4k/5Hf8r/5E/7M/6sP+fP+5/9Bf+Lv8j/s8YYY4wx9k9JPfTHxwf8ncfkr+OSgUKIa3cUy/nb41oIsanwn+eDZVzniBDimf49H/7LqFMnKSnp1+dmKRGUWiSEiFzJv3wZ8mu8XHQST4lE0VFU+Lv1DZa9z9MfrA/HvY/eLkT+v8mJEVfiK+vf+l+s//iT4zMqh2djf7v+hV/3m5fqjy4SIr7UlZx84kp8Zf2K/8X6Rdr/Uf1ZSuT7KkWIDn+TU0Bcia+snyCeEM+KxN88kzHGGGOMMcYY+7PBslr3f3D9efn6PE5fDi8/nFf8Nf6H1+eMMcYYY4wxxhi7+p7v3efpxxMTO3bnCU94wpO/Tq72bybGGGOMMcbYv9uVTf/VroQxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMu9/ic+TuxqnyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2fAAAA///9QkNA") openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0xa0c42, 0x100) 654.274626ms ago: executing program 5 (id=12537): r0 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$nl_crypto(r0, &(0x7f0000003c40)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@alg={0xe0, 0x10, 0x1, 0x70bd26, 0x25dfdbff, {{'sha3-256\x00'}, '\x00', '\x00', 0x2000, 0x4000}}, 0xe0}, 0x1, 0x0, 0x0, 0x2000c010}, 0x4000080) 607.185759ms ago: executing program 3 (id=12538): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002e0000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000100b0000850000002300000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @sched_cls=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000000)="c1188e19b95d02ff4284860151b0", 0x0, 0xa3d8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 531.547895ms ago: executing program 1 (id=12539): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$UHID_INPUT(r0, &(0x7f0000002080)={0xfc, {"a2336848149e516d4b5e071887f70e09d0381edd7fc6e5539b0d430a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e8040360005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3baaa1b469c3090000002000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9593ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9903f141f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31630e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7c59f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff0b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928d28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803cd0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe485a7b66c3b2c7d3b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e0509383815b1b6fc6522d4e4fdc888dc7465e9f7d0875fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f2730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b81305c038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6d84effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849cd9c30e23ef4df5c89644f48bb536f7945b59d7bcddfb754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484539ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1f93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b2804563407308c58c89d9e99c81769177e6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aa291a1d77a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463373b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598555f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389ee7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e080000007ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e3933ed07c2b8081c128ad2706f48261ff07000000000000613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755530d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59500000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0ab78e04322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebe0400000036174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadbac5c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) 494.243847ms ago: executing program 2 (id=12540): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/raw6\x00') pread64(r0, &(0x7f0000001900)=""/4079, 0xfef, 0x66) 463.415109ms ago: executing program 5 (id=12541): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=@newlink={0x4c, 0x10, 0x401, 0x2004, 0x0, {0x0, 0x0, 0x0, 0x0, 0xb562, 0x51042}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @vti={{0x8}, {0xc, 0x2, 0x0, 0x1, [@vti_common_policy=[@IFLA_VTI_OKEY={0x8, 0x3, 0x4}]]}}}, @IFLA_IFNAME={0x14, 0x3, 'ip_vti0\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4}, 0x0) 335.650788ms ago: executing program 2 (id=12542): r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080), 0x40202, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040)=0xdb) 335.502408ms ago: executing program 5 (id=12543): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000004c0)=@nat={'nat\x00', 0x10, 0x2, 0x490, 0x2d0, 0xf0, 0xffffffff, 0x0, 0x2d0, 0x3c0, 0x3c0, 0xffffffff, 0x3c0, 0x3c0, 0x5, 0x0, {[{{@uncond, 0x0, 0xa8, 0xf0}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, @ipv4, @gre_key, @gre_key}}}, {{@ipv6={@loopback, @mcast2, [], [], 'geneve1\x00', 'netdevsim0\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv6=@dev, @ipv4=@local, @gre_key}}}, {{@ipv6={@private1, @empty, [], [], 'tunl0\x00', 'ipvlan1\x00'}, 0x0, 0xa8, 0xf0}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x0, @ipv4=@broadcast, @ipv4, @port, @gre_key}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x0, @ipv6=@dev, @ipv4=@remote}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4f0) 277.436392ms ago: executing program 3 (id=12544): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=@newlink={0x44, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_FLAGS={0x6}, @IFLA_MACVLAN_MODE={0x8}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4008000}, 0x0) 211.512856ms ago: executing program 2 (id=12545): r0 = socket$l2tp6(0xa, 0x2, 0x73) syz_genetlink_get_family_id$ethtool(&(0x7f0000000b40), r0) 150.1924ms ago: executing program 5 (id=12546): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000f80)={'wlan1\x00', &(0x7f0000000f40)=@ethtool_stats={0x28}}) 112.697212ms ago: executing program 3 (id=12547): r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000001080)=0x8) 5.51669ms ago: executing program 2 (id=12548): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000800)=@raw={'raw\x00', 0x3c1, 0x3, 0x2f0, 0x0, 0x2b8, 0xb0000010, 0x0, 0x5c8f0200, 0x228, 0x3a8, 0x3a8, 0x228, 0x3a8, 0x3, 0x0, {[{{@uncond, 0x0, 0xd0, 0xf8, 0x700, {}, [@inet=@rpfilter={{}, {0x8}}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffb}}, {{@uncond, 0x0, 0xf8, 0x128, 0x0, {}, [@common=@inet=@dccp={{}, {[0x4e24, 0x4e24], [0x4e21, 0x4e20], 0x0, 0x0, 0x1000, 0xa5}}, @common=@ipv6header={{0x28}, {0x0, 0x82, 0x1}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0xffffffffffffffff, 0x2, 0x3}, {0x4, 0x3, 0x2}, 0x401, 0x1}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0xff91) 0s ago: executing program 3 (id=12549): socket$kcm(0x2d, 0x2, 0x0) socketpair(0x23, 0x4, 0xa, &(0x7f0000000080)) kernel console output (not intermixed with test programs): strings: Mfr=1, Product=228, SerialNumber=2 [ 1085.693784][ T6967] usb 3-1: 2:0: cannot get min/max values for control 2 (id 2) [ 1085.710439][ T6975] usb 4-1: Product: syz [ 1085.714665][ T6975] usb 4-1: Manufacturer: syz [ 1085.762262][ T6967] usb 3-1: USB disconnect, device number 3 [ 1085.772714][ T6975] usb 4-1: SerialNumber: syz [ 1085.795641][ T6975] usb 4-1: config 0 descriptor?? [ 1085.844605][ T6975] hub 4-1:0.0: bad descriptor, ignoring hub [ 1085.851895][ T6975] hub: probe of 4-1:0.0 failed with error -5 [ 1085.867055][ T6975] usb 4-1: selecting invalid altsetting 0 [ 1086.103137][T28447] loop5: detected capacity change from 0 to 1024 [ 1086.142077][T28447] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 1086.187334][T28447] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (30349!=20869) [ 1086.216272][T28447] EXT4-fs (loop5): invalid journal inode [ 1086.248018][T28447] EXT4-fs (loop5): can't get journal size [ 1086.268688][T14182] usb 4-1: USB disconnect, device number 86 [ 1086.298853][T13623] Bluetooth: hci0: command 0x0406 tx timeout [ 1086.322541][T28447] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1086.375875][T28452] openvswitch: netlink: Key type 29 is not supported [ 1086.412825][T23802] EXT4-fs (loop5): unmounting filesystem. [ 1087.634274][T28507] loop4: detected capacity change from 0 to 1024 [ 1087.687355][T28509] netdevsim netdevsim5: Direct firmware load for ..€ failed with error -2 [ 1087.723491][T28509] netdevsim netdevsim5: Falling back to sysfs fallback for: ..€ [ 1087.779003][T28482] loop1: detected capacity change from 0 to 32768 [ 1087.820761][T28482] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.10467 (28482) [ 1087.873891][T28482] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1087.906604][T28482] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 1087.917540][T28482] BTRFS info (device loop1): using free space tree [ 1087.994554][T28482] BTRFS info (device loop1): enabling ssd optimizations [ 1088.019099][T28482] BTRFS warning (device loop1): can't clear the compat_ro:1 feature bit while mounted [ 1088.211887][ T4271] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1088.378204][T28547] futex_wake_op: syz.4.10491 tries to shift op by -1; fix this program [ 1088.449823][ T26] audit: type=1326 audit(1777396196.218:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28548 comm="syz.3.10492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448c79cdd9 code=0x7ffc0000 [ 1088.545170][ T26] audit: type=1326 audit(1777396196.218:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28548 comm="syz.3.10492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448c79cdd9 code=0x7ffc0000 [ 1088.626689][ T26] audit: type=1326 audit(1777396196.265:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28548 comm="syz.3.10492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448c79cdd9 code=0x7ffc0000 [ 1088.726899][ T26] audit: type=1326 audit(1777396196.265:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28548 comm="syz.3.10492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448c79cdd9 code=0x7ffc0000 [ 1088.791087][ T26] audit: type=1326 audit(1777396196.265:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28548 comm="syz.3.10492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=207 compat=0 ip=0x7f448c79cdd9 code=0x7ffc0000 [ 1088.930466][ T26] audit: type=1326 audit(1777396196.265:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28548 comm="syz.3.10492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448c79cdd9 code=0x7ffc0000 [ 1089.012614][ T26] audit: type=1326 audit(1777396196.265:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28548 comm="syz.3.10492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448c79cdd9 code=0x7ffc0000 [ 1089.035747][ T26] audit: type=1326 audit(1777396196.283:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28548 comm="syz.3.10492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f448c79cdd9 code=0x7ffc0000 [ 1089.107305][ T26] audit: type=1326 audit(1777396196.283:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28548 comm="syz.3.10492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f448c79cdd9 code=0x7ffc0000 [ 1089.623770][T28594] loop3: detected capacity change from 0 to 1024 [ 1089.724958][T28594] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #11: comm syz.3.10513: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 1089.751675][T28594] EXT4-fs error (device loop3): ext4_orphan_get:1410: comm syz.3.10513: couldn't read orphan inode 11 (err -117) [ 1089.876174][T28594] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1090.002256][T28594] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:477: comm syz.3.10513: Invalid block bitmap block 0 in block_group 0 [ 1090.103728][T28594] Quota error (device loop3): write_blk: dquota write failed [ 1090.146270][T28594] EXT4-fs error (device loop3): ext4_acquire_dquot:6841: comm syz.3.10513: Failed to acquire dquot type 0 [ 1090.185624][T28621] loop5: detected capacity change from 0 to 1024 [ 1090.328637][ T4279] EXT4-fs (loop3): unmounting filesystem. [ 1090.478601][T28630] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10529'. [ 1090.841750][T28642] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1090.872740][T28642] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1090.899585][T28642] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1090.914931][T28642] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1090.949121][T28617] loop4: detected capacity change from 0 to 32768 [ 1090.971382][ T41] kernel write not supported for file /input/mice (pid: 41 comm: kworker/1:1) [ 1091.040172][T28617] JBD2: Ignoring recovery information on journal [ 1091.226616][T28652] loop5: detected capacity change from 0 to 4096 [ 1091.247335][T28652] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1091.270119][T28617] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 1091.295549][T28652] EXT4-fs error (device loop5): ext4_acquire_dquot:6841: comm syz.5.10541: Failed to acquire dquot type 1 [ 1091.346468][T28617] (syz.4.10524,28617,0):ocfs2_find_entry:1075 ERROR: status = -117 [ 1091.442869][T23802] EXT4-fs (loop5): unmounting filesystem. [ 1091.463643][T28663] loop1: detected capacity change from 0 to 1024 [ 1091.464243][T28617] (syz.4.10524,28617,0):ocfs2_find_entry:1075 ERROR: status = -117 [ 1091.572422][T28617] (syz.4.10524,28617,0):ocfs2_mknod:502 ERROR: status = -117 [ 1091.736206][ T4275] ocfs2: Unmounting device (7,4) on (node local) [ 1091.896652][ T6888] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 1092.112501][ T6888] usb 6-1: Using ep0 maxpacket: 8 [ 1092.120550][ T6888] usb 6-1: config 30 interface 0 altsetting 2 endpoint 0x2 has invalid wMaxPacketSize 0 [ 1092.151347][ T6888] usb 6-1: config 30 interface 0 has no altsetting 0 [ 1092.173681][ T6888] usb 6-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e [ 1092.192899][ T6888] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1092.233717][ T6888] usb 6-1: Product: syz [ 1092.244530][ T6888] usb 6-1: Manufacturer: syz [ 1092.249776][ T6888] usb 6-1: SerialNumber: syz [ 1092.282488][ T6888] snd_usb_toneport 6-1:30.0: Line 6 TonePort UX2 found [ 1092.363824][T28683] loop4: detected capacity change from 0 to 4096 [ 1092.407046][T28683] NILFS (loop4): unsupported revision (superblock rev.=0.0, current rev.=2.0). Please check the version of mkfs.nilfs(2). [ 1092.503143][ T6888] snd_usb_toneport 6-1:30.0: cannot get proper max packet size [ 1092.521859][ T6888] snd_usb_toneport 6-1:30.0: Line 6 TonePort UX2 now disconnected [ 1092.541963][ T6888] snd_usb_toneport: probe of 6-1:30.0 failed with error -22 [ 1092.727922][ T6888] usb 3-1: new full-speed USB device number 4 using dummy_hcd [ 1092.792355][ T41] usb 6-1: USB disconnect, device number 9 [ 1092.889692][T28701] loop3: detected capacity change from 0 to 1024 [ 1092.954567][ T6888] usb 3-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 1092.983910][ T6888] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1093.007705][ T6888] usb 3-1: config 0 descriptor?? [ 1093.046460][ T6888] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 1093.478286][ T6888] gp8psk: usb in 137 operation failed. [ 1093.483925][ T6888] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 1093.527683][ T6888] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 1093.562392][ T6888] usb 3-1: USB disconnect, device number 4 [ 1094.034274][T28741] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1094.041988][T28740] netlink: 40 bytes leftover after parsing attributes in process `syz.4.10581'. [ 1094.216977][T28745] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1094.245266][T28745] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1094.265025][T28745] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1094.286457][T28745] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1094.315494][T28745] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1094.335655][T28745] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1094.393111][T28745] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1094.435438][T28745] device vlan0 left promiscuous mode [ 1094.506866][T28745] device wlan0 left promiscuous mode [ 1094.817347][T28770] netlink: 'syz.4.10597': attribute type 21 has an invalid length. [ 1094.843849][T28770] netlink: 'syz.4.10597': attribute type 1 has an invalid length. [ 1095.241814][T28784] netlink: 'syz.1.10603': attribute type 1 has an invalid length. [ 1095.250488][T28784] netlink: 128 bytes leftover after parsing attributes in process `syz.1.10603'. [ 1095.421518][T28784] NCSI netlink: No device for ifindex 0 [ 1095.568487][T28768] loop5: detected capacity change from 0 to 32768 [ 1096.461284][ T6967] usb 2-1: new full-speed USB device number 118 using dummy_hcd [ 1096.601092][T28840] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1096.688606][T28840] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1096.692722][ T6967] usb 2-1: config 0 has an invalid interface number: 214 but max is 0 [ 1096.724261][ T6967] usb 2-1: config 0 has no interface number 0 [ 1096.728500][T28840] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1096.747119][ T6967] usb 2-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 22765, setting to 64 [ 1096.792232][ T6967] usb 2-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5 [ 1096.835570][ T6967] usb 2-1: New USB device strings: Mfr=1, Product=0, SerialNumber=3 [ 1096.867695][ T6967] usb 2-1: Manufacturer: syz [ 1096.872341][ T6967] usb 2-1: SerialNumber: syz [ 1096.898694][ T6967] usb 2-1: config 0 descriptor?? [ 1096.929009][T28819] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1097.216157][ T6967] usbtouchscreen 2-1:0.214: Failed to read FW rev: -71 [ 1097.232825][ T6967] usbtouchscreen: probe of 2-1:0.214 failed with error -71 [ 1097.264865][ T6967] usb 2-1: USB disconnect, device number 118 [ 1097.382595][T28864] SET target dimension over the limit! [ 1097.587624][T28874] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10648'. [ 1097.640077][T28874] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10648'. [ 1097.663841][T28874] netlink: 24 bytes leftover after parsing attributes in process `syz.4.10648'. [ 1097.852536][ T6888] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 1098.065957][ T6888] usb 6-1: Using ep0 maxpacket: 8 [ 1098.072678][ T6888] usb 6-1: config 0 has too many interfaces: 65, using maximum allowed: 32 [ 1098.120130][ T6888] usb 6-1: config 0 has an invalid interface number: 150 but max is 64 [ 1098.133601][ T6888] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1098.172851][ T6888] usb 6-1: config 0 has 2 interfaces, different from the descriptor's value: 65 [ 1098.192792][ T6888] usb 6-1: config 0 has no interface number 0 [ 1098.214859][ T6888] usb 6-1: config 0 interface 150 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1098.243325][ T6888] usb 6-1: config 0 interface 150 has no altsetting 0 [ 1098.268667][ T6888] usb 6-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice=81.75 [ 1098.327608][ T6888] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1098.341808][T28898] program syz.1.10660 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1098.365054][ T6888] usb 6-1: config 0 descriptor?? [ 1098.837950][T28921] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-rr(0) [ 1098.867984][ T6890] usb 6-1: USB disconnect, device number 10 [ 1099.002345][T28924] loop4: detected capacity change from 0 to 8 [ 1099.059319][T28924] SQUASHFS error: lzo decompression failed, data probably corrupt [ 1099.067176][T28926] netlink: 16 bytes leftover after parsing attributes in process `syz.3.10672'. [ 1099.083354][T28924] SQUASHFS error: Failed to read block 0x1dd: -5 [ 1099.111943][T28924] SQUASHFS error: Unable to read metadata cache entry [1db] [ 1099.136039][T28924] SQUASHFS error: Unable to read inode 0xa7 [ 1099.274703][T28932] netlink: 16 bytes leftover after parsing attributes in process `syz.3.10676'. [ 1099.293317][ T26] kauditd_printk_skb: 3 callbacks suppressed [ 1099.293330][ T26] audit: type=1326 audit(1777396206.360:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28934 comm="syz.1.10677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb2159cdd9 code=0x7ffc0000 [ 1099.313245][T28932] netlink: 16 bytes leftover after parsing attributes in process `syz.3.10676'. [ 1099.380478][ T26] audit: type=1326 audit(1777396206.398:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28934 comm="syz.1.10677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb2159cdd9 code=0x7ffc0000 [ 1099.408755][ T26] audit: type=1326 audit(1777396206.398:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28934 comm="syz.1.10677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb2159cdd9 code=0x7ffc0000 [ 1099.507466][ T26] audit: type=1326 audit(1777396206.398:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28934 comm="syz.1.10677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=310 compat=0 ip=0x7fbb2159cdd9 code=0x7ffc0000 [ 1099.606246][ T26] audit: type=1326 audit(1777396206.398:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28934 comm="syz.1.10677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb2159cdd9 code=0x7ffc0000 [ 1099.697585][ T26] audit: type=1326 audit(1777396206.398:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28934 comm="syz.1.10677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb2159cdd9 code=0x7ffc0000 [ 1099.767027][ T26] audit: type=1326 audit(1777396206.398:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28934 comm="syz.1.10677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fbb2159cdd9 code=0x7ffc0000 [ 1099.846821][ T26] audit: type=1326 audit(1777396206.398:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28934 comm="syz.1.10677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fbb2159cdd9 code=0x7ffc0000 [ 1099.882681][T28956] netlink: 'syz.1.10689': attribute type 1 has an invalid length. [ 1099.963246][T28962] xt_TCPMSS: Only works on TCP SYN packets [ 1100.722345][ C1] sd 0:0:1:0: [sda] tag#1654 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 1100.732846][ C1] sd 0:0:1:0: [sda] tag#1654 CDB: Read(6) 08 00 66 ce 20 db [ 1100.749484][T28995] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10706'. [ 1100.972949][T28967] loop4: detected capacity change from 0 to 32768 [ 1101.156165][T28967] XFS (loop4): Mounting V5 Filesystem [ 1101.328997][T29019] 8021q: adding VLAN 0 to HW filter on device bond2 [ 1101.393754][T28967] XFS (loop4): Ending clean mount [ 1101.512181][ T6967] XFS (loop4): Metadata CRC error detected at xfs_rmapbt_read_verify+0x3a/0xd0, xfs_rmapbt block 0x14 [ 1101.554370][ T6967] XFS (loop4): Unmount and run xfs_repair [ 1101.563701][ T6967] XFS (loop4): First 128 bytes of corrupted metadata buffer: [ 1101.576012][ T6967] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff RMB3............ [ 1101.595059][T29034] cgroup: none used incorrectly [ 1101.605027][ T6967] 00000010: 00 a7 50 00 00 00 00 14 00 00 00 01 00 00 00 80 ..P............. [ 1101.605075][ T6967] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91 ..G...N..b..1... [ 1101.605088][ T6967] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01 ....[.;......... [ 1101.606044][ T6967] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00 ................ [ 1101.606076][ T6967] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb ................ [ 1101.606090][ T6967] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02 ................ [ 1101.606103][ T6967] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00 ................ [ 1101.608500][T28967] XFS (loop4): metadata I/O error in "xfs_btree_read_buf_block+0x1db/0x2d0" at daddr 0x14 len 4 error 74 [ 1101.615346][T28967] XFS (loop4): Corruption of in-memory data (0x8) detected at xfs_defer_finish_noroll+0x1798/0x1e60 (fs/xfs/libxfs/xfs_defer.c:580). Shutting down filesystem. [ 1101.615398][T28967] XFS (loop4): Please unmount the filesystem and rectify the problem(s) [ 1101.634979][T29031] netlink: 10 bytes leftover after parsing attributes in process `syz.5.10718'. [ 1101.660186][ T6970] usb 3-1: new full-speed USB device number 5 using dummy_hcd [ 1101.678231][ T4275] XFS (loop4): Unmounting Filesystem [ 1101.900132][ T6970] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 1101.900167][ T6970] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 255, setting to 64 [ 1101.900203][ T6970] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 1101.900226][ T6970] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1101.902476][T29025] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1102.023630][T29044] netlink: 'syz.5.10725': attribute type 15 has an invalid length. [ 1102.338359][ T6970] aiptek 3-1:17.0: Aiptek using 400 ms programming speed [ 1102.369052][ T6970] input: Aiptek as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.0/input/input84 [ 1102.451970][ T6970] usb 3-1: USB disconnect, device number 5 [ 1102.457855][ C0] aiptek 3-1:17.0: aiptek_irq - usb_submit_urb failed with result -19 [ 1102.767382][T29069] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1102.783926][T29069] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1102.806443][T29069] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1102.840084][T29069] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1102.892136][T29069] IPv6: ADDRCONF(NETDEV_CHANGE): netdevsim0: link becomes ready [ 1102.919053][T29069] device geneve2 left promiscuous mode [ 1102.935372][T29069] device gtp0 left promiscuous mode [ 1103.146868][T29081] netdevsim netdevsim2: Firmware load for './file0/file0/..' refused, path contains '..' component [ 1103.431397][T29075] loop1: detected capacity change from 0 to 32768 [ 1103.476307][T29075] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 scanned by syz.1.10739 (29075) [ 1103.526319][T29075] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1103.553674][T29075] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm [ 1103.562934][T29075] BTRFS info (device loop1): force zlib compression, level 3 [ 1103.610357][T29075] BTRFS info (device loop1): force clearing of disk cache [ 1103.624849][T29093] loop4: detected capacity change from 0 to 128 [ 1103.636942][T29075] BTRFS info (device loop1): setting nodatasum [ 1103.658283][T29075] BTRFS info (device loop1): allowing degraded mounts [ 1103.710914][T29075] BTRFS info (device loop1): enabling disk space caching [ 1103.757646][T29075] BTRFS info (device loop1): disk space caching is enabled [ 1104.058605][T29115] netlink: 24 bytes leftover after parsing attributes in process `syz.2.10752'. [ 1104.205642][T29128] netlink: 'syz.2.10757': attribute type 3 has an invalid length. [ 1104.207166][T29075] BTRFS info (device loop1): rebuilding free space tree [ 1104.214221][T29128] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.10757'. [ 1104.335710][T29075] BTRFS info (device loop1): disabling free space tree [ 1104.342705][T29075] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 1104.398929][T29075] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 1104.606033][T29140] x_tables: duplicate underflow at hook 2 [ 1104.624561][ T26] audit: type=1326 audit(1777396211.352:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29139 comm="syz.2.10763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5919cdd9 code=0x7ffc0000 [ 1104.631323][ T4271] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1104.693249][ T26] audit: type=1326 audit(1777396211.371:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29139 comm="syz.2.10763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5919cdd9 code=0x7ffc0000 [ 1104.803101][ T26] audit: type=1326 audit(1777396211.371:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29139 comm="syz.2.10763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5919cdd9 code=0x7ffc0000 [ 1104.898273][ T26] audit: type=1326 audit(1777396211.371:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29139 comm="syz.2.10763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=74 compat=0 ip=0x7f3e5919cdd9 code=0x7ffc0000 [ 1104.974049][ T6810] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 11 /dev/loop1 scanned by udevd (6810) [ 1105.011227][ T26] audit: type=1326 audit(1777396211.371:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29139 comm="syz.2.10763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5919cdd9 code=0x7ffc0000 [ 1105.132392][ T26] audit: type=1326 audit(1777396211.371:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29139 comm="syz.2.10763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5919cdd9 code=0x7ffc0000 [ 1105.226794][ T26] audit: type=1326 audit(1777396211.371:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29139 comm="syz.2.10763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f3e5919cdd9 code=0x7ffc0000 [ 1105.323972][ T26] audit: type=1326 audit(1777396211.371:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29139 comm="syz.2.10763" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f3e5919cdd9 code=0x7ffc0000 [ 1105.455689][T29133] loop5: detected capacity change from 0 to 32768 [ 1105.627558][T29133] XFS (loop5): Mounting V5 Filesystem [ 1105.629108][T29173] loop3: detected capacity change from 0 to 4096 [ 1105.661016][T29173] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 1105.763467][T29133] XFS (loop5): Ending clean mount [ 1105.787444][T29133] XFS (loop5): Quotacheck needed: Please wait. [ 1105.832510][T29173] ntfs3: loop3: failed to convert "c46c" to cp860 [ 1105.940292][T29133] XFS (loop5): Quotacheck: Done. [ 1106.143319][T23802] XFS (loop5): Unmounting Filesystem [ 1106.180270][T29191] IPv6: Can't replace route, no match found [ 1106.784403][T29213] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 1106.828162][T29217] netlink: 44 bytes leftover after parsing attributes in process `syz.2.10798'. [ 1106.864544][T29217] netlink: 43 bytes leftover after parsing attributes in process `syz.2.10798'. [ 1106.891388][T29217] netlink: 'syz.2.10798': attribute type 6 has an invalid length. [ 1106.900012][T29217] netlink: 'syz.2.10798': attribute type 5 has an invalid length. [ 1106.952430][T29217] netlink: 43 bytes leftover after parsing attributes in process `syz.2.10798'. [ 1107.691548][T29260] loop4: detected capacity change from 0 to 8 [ 1107.698816][T29260] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 1107.735861][T29260] cramfs: Error -3 while decompressing! [ 1107.778490][T29260] cramfs: ffffffff96d8d248(26)->ffff888040e9e000(4096) [ 1107.785883][T29260] cramfs: Error -5 while decompressing! [ 1107.791975][T29260] cramfs: ffffffff96d8d262(26)->ffff88803272b000(4096) [ 1107.798975][T29260] cramfs: Error 2 while decompressing! [ 1107.804940][T29260] cramfs: ffffffff96d8d27c(16)->ffff888030d0c000(4096) [ 1107.812134][T29260] cramfs: Error -3 while decompressing! [ 1107.817839][T29260] cramfs: ffffffff96d8d248(26)->ffff888040e9e000(4096) [ 1107.827096][ T26] audit: type=1800 audit(1777396214.334:192): pid=29260 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.10818" name="file2" dev="loop4" ino=348 res=0 errno=0 [ 1107.838248][ T6810] udevd[6810]: incorrect cramfs checksum on /dev/loop4 [ 1107.970852][ T6810] udevd[6810]: incorrect cramfs checksum on /dev/loop4 [ 1108.601475][T29296] loop3: detected capacity change from 0 to 256 [ 1108.661952][T29292] loop4: detected capacity change from 0 to 4096 [ 1108.780133][T29292] ntfs: volume version 3.1. [ 1109.268416][T29315] loop3: detected capacity change from 0 to 4096 [ 1109.296781][T29315] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 1109.372127][T29315] ntfs3: loop3: ntfs_evict_inode r=6 failed, -22. [ 1109.394298][T29315] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 1109.542293][T29331] netlink: 'syz.4.10852': attribute type 15 has an invalid length. [ 1109.573368][T29331] netlink: 666 bytes leftover after parsing attributes in process `syz.4.10852'. [ 1109.897106][T29344] 9p: Unknown access argument z: -22 [ 1110.285108][T29358] loop4: detected capacity change from 0 to 4096 [ 1110.302226][T29358] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 1110.374405][T29358] ntfs3: loop4: ntfs_evict_inode r=6 failed, -22. [ 1110.392195][T29358] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 1110.620209][T29370] loop1: detected capacity change from 0 to 4096 [ 1110.669701][T29370] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 1111.055189][T29382] loop4: detected capacity change from 0 to 64 [ 1111.349495][T29394] binder: 29392:29394 ioctl c00c6211 0 returned -14 [ 1111.499518][T29400] dlm: non-version read from control device 36 [ 1112.171402][T29399] loop3: detected capacity change from 0 to 32768 [ 1112.193751][T29399] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.10887 (29399) [ 1112.275088][T29399] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1112.302028][T29399] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 1112.351708][T29438] libceph: resolve '0' (ret=-3): failed [ 1112.390030][T29399] BTRFS info (device loop3): using free space tree [ 1112.614570][ T6970] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 1112.693214][T29399] BTRFS info (device loop3): enabling ssd optimizations [ 1112.839320][ T6970] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1112.853096][T29468] loop1: detected capacity change from 0 to 1024 [ 1112.871135][ T6970] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1112.900809][ T6970] usb 3-1: Product: syz [ 1112.909884][ T6970] usb 3-1: Manufacturer: syz [ 1112.942576][ T6970] usb 3-1: SerialNumber: syz [ 1112.989101][ T6970] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1113.078771][ T6975] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1113.166918][ T4279] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1113.335162][ C0] usb 3-1: ath9k_htc: invalid pkt_len (fef1) [ 1113.566925][T20527] usb 3-1: USB disconnect, device number 6 [ 1113.772744][T29491] loop5: detected capacity change from 0 to 256 [ 1113.792059][T29491] exfat: Deprecated parameter 'utf8' [ 1113.797465][T29491] exfat: Deprecated parameter 'namecase' [ 1113.827601][T29491] exFAT-fs (loop5): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d) [ 1113.908434][T29491] fuse: Bad value for 'fd' [ 1114.197978][ T6975] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 1114.216415][ T6975] ath9k_htc: Failed to initialize the device [ 1114.228950][T20527] usb 3-1: ath9k_htc: USB layer deinitialized [ 1114.484270][T29519] loop5: detected capacity change from 0 to 164 [ 1115.008853][T29537] mmap: syz.3.10946 (29537): VmData 37466112 exceed data ulimit 1023. Update limits or use boot option ignore_rlimit_data. [ 1115.230595][T29547] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10951'. [ 1115.264290][T29515] loop1: detected capacity change from 0 to 32768 [ 1115.451371][T29515] XFS (loop1): Mounting V5 Filesystem [ 1115.581703][T29515] XFS (loop1): Ending clean mount [ 1115.614643][T29515] XFS (loop1): Unmounting Filesystem [ 1115.932702][T29579] Process accounting paused [ 1115.961214][T29585] netlink: 676 bytes leftover after parsing attributes in process `syz.4.10964'. [ 1116.077795][T29589] loop5: detected capacity change from 0 to 64 [ 1116.272081][T29595] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10969'. [ 1116.423918][ T6975] usb 5-1: new high-speed USB device number 106 using dummy_hcd [ 1116.473259][T29601] No source specified [ 1116.583478][T29607] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10974'. [ 1116.624045][T29607] netlink: 20 bytes leftover after parsing attributes in process `syz.3.10974'. [ 1116.655668][T29607] netlink: 20 bytes leftover after parsing attributes in process `syz.3.10974'. [ 1116.665003][ T6975] usb 5-1: Using ep0 maxpacket: 32 [ 1116.672279][ T6975] usb 5-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 1116.692426][ T6975] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1116.725949][ T6975] usb 5-1: config 0 descriptor?? [ 1116.759269][ T6975] as10x_usb: device has been detected [ 1116.779028][ T6975] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 1116.815711][ T6975] usb 5-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 1116.923842][ T6975] as10x_usb: error during firmware upload part1 [ 1116.959302][ T6975] Registered device nBox DVB-T Dongle [ 1116.963538][ T6975] usb 5-1: USB disconnect, device number 106 [ 1117.034724][ T6975] Unregistered device nBox DVB-T Dongle [ 1117.048659][ T6975] as10x_usb: device has been disconnected [ 1117.183786][T29631] netlink: 'syz.3.10988': attribute type 2 has an invalid length. [ 1117.191663][T29631] netlink: 10 bytes leftover after parsing attributes in process `syz.3.10988'. [ 1117.640213][T29655] ubi: mtd0 is already attached to ubi31 [ 1117.711520][T29657] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 1117.847567][T29665] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 1118.022265][T29671] netlink: 'syz.3.11007': attribute type 6 has an invalid length. [ 1118.060060][T29671] netlink: 127868 bytes leftover after parsing attributes in process `syz.3.11007'. [ 1118.215531][T29680] loop1: detected capacity change from 0 to 256 [ 1118.294476][T29680] FAT-fs (loop1): Directory bread(block 64) failed [ 1118.302100][T29680] FAT-fs (loop1): Directory bread(block 65) failed [ 1118.329289][T29680] FAT-fs (loop1): Directory bread(block 66) failed [ 1118.349042][T29680] FAT-fs (loop1): Directory bread(block 67) failed [ 1118.355717][T29680] FAT-fs (loop1): Directory bread(block 68) failed [ 1118.404168][T29680] FAT-fs (loop1): Directory bread(block 69) failed [ 1118.410824][T29680] FAT-fs (loop1): Directory bread(block 70) failed [ 1118.436629][T29680] FAT-fs (loop1): Directory bread(block 71) failed [ 1118.445029][T29680] FAT-fs (loop1): Directory bread(block 72) failed [ 1118.456082][T29680] FAT-fs (loop1): Directory bread(block 73) failed [ 1119.220840][T29687] loop5: detected capacity change from 0 to 32768 [ 1119.231108][T29704] netlink: 'syz.4.11023': attribute type 12 has an invalid length. [ 1119.291675][T29687] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz.5.11014 (29687) [ 1119.342832][T29687] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1119.388484][T29687] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm [ 1119.422148][T29711] netlink: 'syz.4.11027': attribute type 1 has an invalid length. [ 1119.442425][T29687] BTRFS info (device loop5): using free space tree [ 1119.469066][T29716] netlink: 20 bytes leftover after parsing attributes in process `syz.2.11028'. [ 1119.496528][T29716] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 1119.668508][T29737] loop4: detected capacity change from 0 to 64 [ 1119.773627][T29687] BTRFS info (device loop5): enabling ssd optimizations [ 1119.962222][T23802] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1119.983165][T29746] loop1: detected capacity change from 0 to 64 [ 1119.988435][T29747] netlink: 40 bytes leftover after parsing attributes in process `syz.2.11038'. [ 1120.020181][ T26] audit: type=1326 audit(1777396225.739:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29748 comm="syz.3.11034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448c79cdd9 code=0x7ffc0000 [ 1120.117494][ T26] audit: type=1326 audit(1777396225.739:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29748 comm="syz.3.11034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448c79cdd9 code=0x7ffc0000 [ 1120.260230][ T26] audit: type=1326 audit(1777396225.739:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29748 comm="syz.3.11034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448c79cdd9 code=0x7ffc0000 [ 1120.370229][ T26] audit: type=1326 audit(1777396225.739:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29748 comm="syz.3.11034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f448c79cdd9 code=0x7ffc0000 [ 1120.455785][ T26] audit: type=1326 audit(1777396225.739:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29748 comm="syz.3.11034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448c79cdd9 code=0x7ffc0000 [ 1120.496204][T29761] loop4: detected capacity change from 0 to 164 [ 1120.536034][T29761] Unsupported NM flag settings (240) [ 1120.557803][ T26] audit: type=1326 audit(1777396225.739:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29748 comm="syz.3.11034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448c79cdd9 code=0x7ffc0000 [ 1120.636297][ T26] audit: type=1326 audit(1777396225.739:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29748 comm="syz.3.11034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f448c79cdd9 code=0x7ffc0000 [ 1120.733876][ T26] audit: type=1326 audit(1777396225.739:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29748 comm="syz.3.11034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f448c79cdd9 code=0x7ffc0000 [ 1120.774926][ T4275] Unsupported NM flag settings (240) [ 1120.830800][ T4275] Unsupported NM flag settings (240) [ 1120.836225][ T4275] Unsupported NM flag settings (240) [ 1120.865403][ T4275] Unsupported NM flag settings (240) [ 1120.871009][ T4275] Unsupported NM flag settings (240) [ 1120.903258][ T4275] Unsupported NM flag settings (240) [ 1120.915777][T29775] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11051'. [ 1120.937391][T29777] netlink: 36 bytes leftover after parsing attributes in process `syz.3.11047'. [ 1120.953282][T29775] netlink: 31 bytes leftover after parsing attributes in process `syz.2.11051'. [ 1120.992818][T29775] netlink: 'syz.2.11051': attribute type 3 has an invalid length. [ 1121.037329][T29775] netlink: 'syz.2.11051': attribute type 2 has an invalid length. [ 1121.077757][T29775] netlink: 31 bytes leftover after parsing attributes in process `syz.2.11051'. [ 1121.190994][T29785] netlink: 'syz.4.11055': attribute type 4 has an invalid length. [ 1121.374662][T29796] siw: device registration error -23 [ 1122.105976][T29832] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1122.595883][T29855] siw: device registration error -23 [ 1122.743740][T29861] netlink: 'syz.5.11089': attribute type 1 has an invalid length. [ 1122.763573][T29861] netlink: 116376 bytes leftover after parsing attributes in process `syz.5.11089'. [ 1122.919918][T29869] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11094'. [ 1122.941229][T29866] loop4: detected capacity change from 0 to 8192 [ 1122.964497][T29869] netlink: 'syz.3.11094': attribute type 1 has an invalid length. [ 1122.999222][T29875] 9pnet: Could not find request transport: fÓƒö¤ciÔÍXrr26ÜqWê5Ie¼’CéŒ2ÜÌ»Ž%ÖÒ¿‹Ûq[(z³÷8Ó“ [ 1123.650904][T29895] xt_bpf: check failed: parse error [ 1123.880996][T29907] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11112'. [ 1123.893190][ T7] usb 2-1: new high-speed USB device number 119 using dummy_hcd [ 1124.117195][ T7] usb 2-1: Using ep0 maxpacket: 16 [ 1124.128593][ T7] usb 2-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5 [ 1124.171107][ T7] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1124.192252][ T7] usb 2-1: Product: syz [ 1124.196508][ T7] usb 2-1: Manufacturer: syz [ 1124.203772][ T7] usb 2-1: SerialNumber: syz [ 1124.215436][ T7] usb 2-1: config 0 descriptor?? [ 1124.237022][ T7] visor 2-1:0.0: Sony Clie 3.5 converter detected [ 1124.455043][ T7] usb 2-1: clie_3_5_startup: get config number bad return length: 0 [ 1124.465119][ T7] visor: probe of 2-1:0.0 failed with error -5 [ 1124.709180][ T7] usb 2-1: USB disconnect, device number 119 [ 1124.959291][T29923] loop5: detected capacity change from 0 to 32768 [ 1124.968093][T29938] loop4: detected capacity change from 0 to 8192 [ 1125.454262][T29921] syz.2.11118 (29921): drop_caches: 2 [ 1125.460815][T29938] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1125.492365][T29938] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 1125.526084][T29938] REISERFS (device loop4): using ordered data mode [ 1125.548278][T29938] reiserfs: using flush barriers [ 1125.554453][T29938] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 1125.579441][T29923] XFS (loop5): Mounting V5 Filesystem [ 1125.589919][T29938] REISERFS (device loop4): checking transaction log (loop4) [ 1125.658170][T29923] XFS (loop5): Ending clean mount [ 1125.685224][T29923] XFS (loop5): Quotacheck needed: Please wait. [ 1125.768386][T29923] XFS (loop5): Quotacheck: Done. [ 1125.837233][T29938] REISERFS (device loop4): Using tea hash to sort names [ 1125.847434][T29938] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 1125.869527][ T4317] usb 4-1: new full-speed USB device number 87 using dummy_hcd [ 1125.910257][T23802] XFS (loop5): Unmounting Filesystem [ 1126.075711][ T4317] usb 4-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 1126.107941][ T4317] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1126.142081][ T4317] usb 4-1: config 0 descriptor?? [ 1126.170828][ T4317] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 1126.611851][ T4317] gp8psk: usb in 128 operation failed. [ 1126.628261][ T4317] gp8psk: usb in 137 operation failed. [ 1126.646196][ T4317] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 1126.685177][ T4317] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 1126.701992][ T4317] usb 4-1: USB disconnect, device number 87 [ 1126.724078][T29992] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11149'. [ 1126.730375][T29991] netlink: 20 bytes leftover after parsing attributes in process `syz.5.11139'. [ 1126.748768][T29991] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11139'. [ 1126.760327][T29991] netlink: 5 bytes leftover after parsing attributes in process `syz.5.11139'. [ 1126.890970][T29997] netlink: 'syz.2.11152': attribute type 6 has an invalid length. [ 1127.054091][T30007] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11157'. [ 1127.556917][T30033] netlink: 'syz.4.11169': attribute type 2 has an invalid length. [ 1127.740679][ T4317] usb 2-1: new high-speed USB device number 120 using dummy_hcd [ 1127.954569][ T4317] usb 2-1: Using ep0 maxpacket: 32 [ 1127.961961][ T4317] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1127.977120][ T4317] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1024, setting to 64 [ 1128.008666][ T4317] usb 2-1: New USB device found, idVendor=0582, idProduct=0156, bcdDevice= 0.40 [ 1128.017846][ T4317] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1128.078654][ T4317] usb 2-1: Product: syz [ 1128.086648][T30054] netlink: 'syz.3.11179': attribute type 1 has an invalid length. [ 1128.088397][ T4317] usb 2-1: Manufacturer: syz [ 1128.121230][ T4317] usb 2-1: SerialNumber: syz [ 1128.369731][ T4317] usb 2-1: MIDIStreaming interface descriptor not found [ 1128.420888][T30067] netlink: 'syz.5.11187': attribute type 2 has an invalid length. [ 1128.453264][ T4317] usb 2-1: USB disconnect, device number 120 [ 1128.475534][T30067] netlink: 12 bytes leftover after parsing attributes in process `syz.5.11187'. [ 1128.498399][T30069] netlink: 12 bytes leftover after parsing attributes in process `syz.4.11188'. [ 1128.528228][T30069] netlink: 28 bytes leftover after parsing attributes in process `syz.4.11188'. [ 1128.539107][T30069] netlink: 23 bytes leftover after parsing attributes in process `syz.4.11188'. [ 1128.549492][T30069] netlink: 23 bytes leftover after parsing attributes in process `syz.4.11188'. [ 1128.816006][T30079] loop3: detected capacity change from 0 to 4096 [ 1128.841583][T30079] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 1128.971069][T30079] ntfs3: loop3: ntfs_sync_inode r=1e failed, -22. [ 1128.985425][T30079] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 1129.139218][ T9] ntfs3: loop3: ntfs3_write_inode r=1e failed, -22. [ 1129.197695][ T4279] ntfs3: loop3: ntfs_evict_inode r=1e failed, -22. [ 1129.223823][ T26] audit: type=1326 audit(1777396234.339:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30095 comm="syz.2.11201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5919cdd9 code=0x7ffc0000 [ 1129.321445][ T26] audit: type=1326 audit(1777396234.367:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30095 comm="syz.2.11201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=139 compat=0 ip=0x7f3e5919cdd9 code=0x7ffc0000 [ 1129.431701][ T26] audit: type=1326 audit(1777396234.367:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30095 comm="syz.2.11201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5919cdd9 code=0x7ffc0000 [ 1129.481471][ T26] audit: type=1326 audit(1777396234.367:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30095 comm="syz.2.11201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5919cdd9 code=0x7ffc0000 [ 1130.052645][T30129] tmpfs: Bad value for 'mpol' [ 1130.532624][T20527] usb 4-1: new full-speed USB device number 88 using dummy_hcd [ 1130.749498][T20527] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1130.778451][T20527] usb 4-1: New USB device found, idVendor=06f8, idProduct=301b, bcdDevice=bb.39 [ 1130.810881][T20527] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1130.818938][T20527] usb 4-1: Product: syz [ 1130.858260][T20527] usb 4-1: Manufacturer: syz [ 1130.862897][T20527] usb 4-1: SerialNumber: syz [ 1130.884363][T20527] usb 4-1: config 0 descriptor?? [ 1130.903459][T20527] gspca_main: gspca_pac7302-2.14.0 probing 06f8:301b [ 1130.913691][T30163] loop4: detected capacity change from 0 to 256 [ 1130.948572][T30163] FAT-fs (loop4): Directory bread(block 64) failed [ 1130.968938][T30163] FAT-fs (loop4): Directory bread(block 65) failed [ 1130.997117][T30163] FAT-fs (loop4): Directory bread(block 66) failed [ 1131.035484][T30163] FAT-fs (loop4): Directory bread(block 67) failed [ 1131.046575][T30163] FAT-fs (loop4): Directory bread(block 68) failed [ 1131.053179][T30163] FAT-fs (loop4): Directory bread(block 69) failed [ 1131.083749][T30163] FAT-fs (loop4): Directory bread(block 70) failed [ 1131.099630][T30163] FAT-fs (loop4): Directory bread(block 71) failed [ 1131.106298][T30163] FAT-fs (loop4): Directory bread(block 72) failed [ 1131.121128][T20527] gspca_pac7302: reg_w() failed i: ff v: 01 error -71 [ 1131.127960][T20527] gspca_pac7302: probe of 4-1:0.0 failed with error -71 [ 1131.138181][T30163] FAT-fs (loop4): Directory bread(block 73) failed [ 1131.148323][T20527] usb 4-1: USB disconnect, device number 88 [ 1131.164262][T30163] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1131.574869][T30188] tmpfs: Bad value for 'mpol' [ 1132.282460][ T26] audit: type=1326 audit(1777396237.199:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30223 comm="syz.5.11264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c13f9cdd9 code=0x7ffc0000 [ 1132.386705][ T26] audit: type=1326 audit(1777396237.218:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30223 comm="syz.5.11264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f6c13f9cdd9 code=0x7ffc0000 [ 1132.440840][ T26] audit: type=1326 audit(1777396237.218:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30223 comm="syz.5.11264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c13f9cdd9 code=0x7ffc0000 [ 1132.493591][ T26] audit: type=1326 audit(1777396237.218:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30223 comm="syz.5.11264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c13f9cdd9 code=0x7ffc0000 [ 1132.554496][T20532] usb 4-1: new high-speed USB device number 89 using dummy_hcd [ 1132.757904][T20532] usb 4-1: Using ep0 maxpacket: 8 [ 1132.775384][T20532] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1132.807292][T20532] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 1132.841771][T20532] usb 4-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52 [ 1132.872811][T20532] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1132.893236][T20532] usb 4-1: Product: syz [ 1132.913311][T20532] usb 4-1: Manufacturer: syz [ 1132.920271][T20532] usb 4-1: SerialNumber: syz [ 1132.933108][T20532] usb 4-1: config 0 descriptor?? [ 1132.940800][T30244] loop5: detected capacity change from 0 to 8192 [ 1132.968251][T30244] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1133.003563][T30244] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal [ 1133.014582][T30244] REISERFS (device loop5): using ordered data mode [ 1133.032078][T30244] reiserfs: using flush barriers [ 1133.043974][T30253] netlink: 'syz.1.11277': attribute type 1 has an invalid length. [ 1133.057652][T30244] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 1133.095468][T30253] __nla_validate_parse: 5 callbacks suppressed [ 1133.095484][T30253] netlink: 224 bytes leftover after parsing attributes in process `syz.1.11277'. [ 1133.122117][T30244] REISERFS (device loop5): checking transaction log (loop5) [ 1133.228406][ T6888] usb 5-1: new high-speed USB device number 107 using dummy_hcd [ 1133.318563][T30261] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11281'. [ 1133.331160][T30244] REISERFS (device loop5): Using tea hash to sort names [ 1133.340998][T30244] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 1133.397750][T20527] usb 4-1: USB disconnect, device number 89 [ 1133.442387][ T6888] usb 5-1: Using ep0 maxpacket: 32 [ 1133.449174][ T6888] usb 5-1: config 2 has an invalid interface number: 157 but max is 0 [ 1133.472541][T30263] loop1: detected capacity change from 0 to 1024 [ 1133.485030][ T6888] usb 5-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 1133.495221][ T6888] usb 5-1: config 2 has no interface number 0 [ 1133.518189][T30263] EXT4-fs: Ignoring removed mblk_io_submit option [ 1133.524687][T30263] EXT4-fs: inline encryption not supported [ 1133.533046][ T6888] usb 5-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=a4.1b [ 1133.553166][ T6888] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1133.564480][ T6888] usb 5-1: Product: syz [ 1133.568767][ T6888] usb 5-1: Manufacturer: syz [ 1133.578990][ T6888] usb 5-1: SerialNumber: syz [ 1133.589457][T30263] EXT4-fs error (device loop1): ext4_orphan_get:1431: comm syz.1.11283: bad orphan inode 11 [ 1133.609365][ T6888] imon 5-1:2.157: unable to register, err -19 [ 1133.619631][T30263] EXT4-fs (loop1): Remounting filesystem read-only [ 1133.627967][T30263] ext4_test_bit(bit=10, block=4) = 1 [ 1133.633305][T30263] is_bad_inode(inode)=0 [ 1133.637888][T30263] NEXT_ORPHAN(inode)=3254779904 [ 1133.642815][T30263] max_ino=32 [ 1133.646456][T30263] i_nlink=0 [ 1133.677843][T30263] EXT4-fs error (device loop1): ext4_map_blocks:637: inode #3: block 2: comm syz.1.11283: lblock 2 mapped to illegal pblock 2 (length 1) [ 1133.713519][T30263] EXT4-fs (loop1): Remounting filesystem read-only [ 1133.730803][T30263] Quota error (device loop1): qtree_write_dquot: dquota write failed [ 1133.752652][T30263] EXT4-fs error (device loop1): ext4_map_blocks:637: inode #3: block 48: comm syz.1.11283: lblock 0 mapped to illegal pblock 48 (length 1) [ 1133.785216][T30263] EXT4-fs (loop1): Remounting filesystem read-only [ 1133.802946][T30263] Quota error (device loop1): v2_write_file_info: Can't write info structure [ 1133.840283][T20527] usb 5-1: USB disconnect, device number 107 [ 1133.859713][T30263] EXT4-fs error (device loop1): ext4_acquire_dquot:6841: comm syz.1.11283: Failed to acquire dquot type 0 [ 1133.895639][T30263] EXT4-fs (loop1): Remounting filesystem read-only [ 1133.902216][T30263] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5952: Corrupt filesystem [ 1133.926237][T30263] EXT4-fs (loop1): Remounting filesystem read-only [ 1133.933195][T30263] EXT4-fs error (device loop1): ext4_evict_inode:281: inode #11: comm syz.1.11283: mark_inode_dirty error [ 1133.970438][T30263] EXT4-fs (loop1): Remounting filesystem read-only [ 1133.977007][T30263] EXT4-fs warning (device loop1): ext4_evict_inode:284: couldn't mark inode dirty (err -117) [ 1134.053819][T30263] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1134.120036][T30263] EXT4-fs error (device loop1): ext4_map_blocks:637: inode #2: block 16: comm syz.1.11283: lblock 0 mapped to illegal pblock 16 (length 1) [ 1134.190862][T30263] EXT4-fs (loop1): Remounting filesystem read-only [ 1134.289786][ T4271] EXT4-fs (loop1): unmounting filesystem. [ 1134.298577][ T4271] EXT4-fs error (device loop1): __ext4_get_inode_loc:4520: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 1134.337678][ T4271] EXT4-fs (loop1): Remounting filesystem read-only [ 1134.348029][ T4271] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5952: Corrupt filesystem [ 1134.358120][ T4271] EXT4-fs (loop1): Remounting filesystem read-only [ 1134.370043][ T4271] EXT4-fs error (device loop1): ext4_quota_off:7147: inode #3: comm syz-executor: mark_inode_dirty error [ 1134.382532][ T4271] EXT4-fs (loop1): Remounting filesystem read-only [ 1134.670431][T30302] RDS: rds_bind could not find a transport for fc00::, load rds_tcp or rds_rdma? [ 1134.933280][T30315] overlayfs: option "workdir=./file0:/" is useless in a non-upper mount, ignore [ 1134.983026][T30315] overlayfs: missing 'lowerdir' [ 1135.009948][T30313] loop1: detected capacity change from 0 to 4096 [ 1135.307987][T30329] syz.5.11315 uses old SIOCAX25GETINFO [ 1135.323411][T30324] loop3: detected capacity change from 0 to 4096 [ 1135.387009][T30324] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 1135.550333][T30324] ntfs3: loop3: ino=5, "/" directory corrupted [ 1135.562103][T30324] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 1135.726105][T30335] loop5: detected capacity change from 0 to 4096 [ 1135.811769][T30335] ntfs: (device loop5): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 1135.904595][T30335] ntfs: (device loop5): ntfs_read_locked_inode(): Corrupt standard information attribute in inode. [ 1135.946981][T30335] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 1135.999690][T30335] ntfs: (device loop5): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 1136.069761][T30335] ntfs: volume version 3.1. [ 1136.278161][ T4294] ntfs: (device loop5): ntfs_write_block(): Writing beyond initialized size is not supported yet. Sorry. [ 1136.299329][T30359] A link change request failed with some changes committed already. Interface veth1_to_bond may have been left with an inconsistent configuration, please check. [ 1136.313160][T30361] loop1: detected capacity change from 0 to 1024 [ 1136.330885][ T4294] ntfs: (device loop5): ntfs_write_block(): Writing beyond initialized size is not supported yet. Sorry. [ 1136.364736][T30361] EXT4-fs (loop1): bad geometry: first data block 0 is beyond end of filesystem (0) [ 1136.369252][T23802] ntfs: (device loop5): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 1136.574824][T30367] netlink: 'syz.2.11334': attribute type 4 has an invalid length. [ 1136.583133][T30364] loop5: detected capacity change from 0 to 1024 [ 1136.639862][T30367] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.11334'. [ 1136.797506][ T9] hfsplus: b-tree write err: -5, ino 25 [ 1136.824899][ T9] hfsplus: b-tree write err: -5, ino 4 [ 1136.830463][ T9] hfsplus: b-tree write err: -5, ino 2 [ 1136.854890][ T9] hfsplus: b-tree write err: -5, ino 26 [ 1137.314502][T30391] loop1: detected capacity change from 0 to 8192 [ 1137.361707][T30391] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 1137.458052][T30391] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 1137.507519][T30391] REISERFS (device loop1): using ordered data mode [ 1137.521869][T30391] reiserfs: using flush barriers [ 1137.539545][T30391] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 1137.593555][T30391] REISERFS (device loop1): checking transaction log (loop1) [ 1137.882464][T30391] REISERFS (device loop1): Using tea hash to sort names [ 1137.903660][T30391] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 1138.394131][T30431] netlink: 'syz.4.11362': attribute type 11 has an invalid length. [ 1138.849191][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 1138.862162][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 1139.074042][ T26] audit: type=1400 audit(1777396243.547:209): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=30462 comm="syz.5.11384" [ 1139.282263][T30474] netlink: 68 bytes leftover after parsing attributes in process `syz.3.11378'. [ 1139.663331][T30486] sock: sock_timestamping_bind_phc: sock not bind to device [ 1140.304211][T30525] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11397'. [ 1140.591681][T30527] loop5: detected capacity change from 0 to 4096 [ 1141.189742][T30527] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 1141.300750][T30555] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11412'. [ 1141.313158][T30527] ntfs3: loop5: ntfs_set_state r=3 failed, -22. [ 1141.339437][T30527] ntfs3: loop5: no free space to extend mft [ 1141.479800][T30559] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11414'. [ 1141.631240][T30565] syz.1.11418 (30565): drop_caches: 2 [ 1141.704650][ T46] ntfs3: loop5: ntfs3_write_inode r=3 failed, -22. [ 1141.705111][T30518] syz.4.11395 (30518): drop_caches: 2 [ 1141.718880][T23802] ntfs3: loop5: ntfs_set_state r=3 failed, -22. [ 1141.736080][T23802] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 1141.743059][T23802] ntfs3: loop5: ntfs_set_state r=3 failed, -22. [ 1141.787561][ T11] ntfs3: loop5: ntfs3_write_inode r=3 failed, -22. [ 1141.802983][T23802] ntfs3: loop5: ntfs_evict_inode r=3 failed, -22. [ 1142.225001][T30591] netlink: 32 bytes leftover after parsing attributes in process `syz.2.11430'. [ 1142.234237][T30591] netlink: 40 bytes leftover after parsing attributes in process `syz.2.11430'. [ 1142.455593][T30604] netlink: 'syz.1.11435': attribute type 49 has an invalid length. [ 1142.663986][T30613] netlink: 'syz.2.11441': attribute type 21 has an invalid length. [ 1142.672021][T30613] netlink: 'syz.2.11441': attribute type 1 has an invalid length. [ 1142.723624][T30613] netlink: 132 bytes leftover after parsing attributes in process `syz.2.11441'. [ 1142.797290][ T14] usb 5-1: new high-speed USB device number 108 using dummy_hcd [ 1142.886546][T30623] netlink: 'syz.1.11446': attribute type 4 has an invalid length. [ 1143.027428][ T14] usb 5-1: Using ep0 maxpacket: 16 [ 1143.034724][ T14] usb 5-1: config 0 has an invalid interface number: 105 but max is 0 [ 1143.056556][ T14] usb 5-1: config 0 has an invalid descriptor of length 149, skipping remainder of the config [ 1143.073860][ T14] usb 5-1: config 0 has no interface number 0 [ 1143.103605][ T14] usb 5-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.17 [ 1143.127240][ T14] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1143.146001][ T14] usb 5-1: Product: syz [ 1143.171903][ T14] usb 5-1: Manufacturer: syz [ 1143.176556][ T14] usb 5-1: SerialNumber: syz [ 1143.196544][ T14] usb 5-1: config 0 descriptor?? [ 1143.219869][ T6888] usb 4-1: new full-speed USB device number 90 using dummy_hcd [ 1143.418537][T30649] loop1: detected capacity change from 0 to 736 [ 1143.446113][ T6888] usb 4-1: config 8 has an invalid interface number: 177 but max is 0 [ 1143.452532][ T14] usb 5-1: USB disconnect, device number 108 [ 1143.460612][ T6888] usb 4-1: config 8 has no interface number 0 [ 1143.484229][ T6888] usb 4-1: config 8 interface 177 altsetting 9 endpoint 0x9 has invalid maxpacket 1023, setting to 64 [ 1143.508868][ T6888] usb 4-1: config 8 interface 177 has no altsetting 0 [ 1143.523038][ T6888] usb 4-1: New USB device found, idVendor=04d8, idProduct=fd08, bcdDevice=59.b1 [ 1143.551487][ T6888] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1143.594845][T30629] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 1143.718808][T30660] loop5: detected capacity change from 0 to 8 [ 1143.824726][ T6888] usb 4-1: string descriptor 0 read error: -71 [ 1143.843733][ C1] ir_toy 4-1:8.177: out urb status: -71 [ 1144.193112][T30679] netlink: 4 bytes leftover after parsing attributes in process `syz.4.11473'. [ 1144.236487][T30679] netlink: 4260 bytes leftover after parsing attributes in process `syz.4.11473'. [ 1144.328913][ T6886] kworker/dying (6886) used greatest stack depth: 13584 bytes left [ 1144.407490][ T6888] ir_toy 4-1:8.177: could not write reset command: -110 [ 1144.419608][ T6888] ir_toy: probe of 4-1:8.177 failed with error -110 [ 1144.445982][T30690] xt_TCPMSS: Only works on TCP SYN packets [ 1144.462650][ T6888] usb 4-1: USB disconnect, device number 90 [ 1144.680247][T30699] netlink: 'syz.1.11484': attribute type 2 has an invalid length. [ 1144.739632][T30699] netlink: 132 bytes leftover after parsing attributes in process `syz.1.11484'. [ 1145.017198][ T6888] usb 4-1: new high-speed USB device number 91 using dummy_hcd [ 1145.234372][ T6888] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1145.249952][ T6888] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1145.289193][ T6888] usb 4-1: config 0 descriptor?? [ 1145.317803][ T6888] cp210x 4-1:0.0: cp210x converter detected [ 1145.405096][T30725] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1145.527737][ T6888] usb 4-1: cp210x converter now attached to ttyUSB0 [ 1145.686997][T30737] libceph: resolve '400' (ret=-3): failed [ 1145.767408][ T6888] usb 4-1: USB disconnect, device number 91 [ 1145.778001][ T6888] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1145.808480][ T6888] cp210x 4-1:0.0: device disconnected [ 1145.944177][T30748] loop4: detected capacity change from 0 to 512 [ 1145.946317][T30749] sctp: [Deprecated]: syz.1.11508 (pid 30749) Use of int in maxseg socket option. [ 1145.946317][T30749] Use struct sctp_assoc_value instead [ 1145.982784][T30751] loop5: detected capacity change from 0 to 512 [ 1145.989255][T30748] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 1146.014217][T30751] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1146.062221][T30748] EXT4-fs error (device loop4): ext4_orphan_get:1431: comm syz.4.11507: bad orphan inode 131083 [ 1146.093491][T30748] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1146.113546][T30751] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1146.140133][T30751] ext4 filesystem being mounted at /583/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1146.193454][T30748] EXT4-fs error (device loop4): __ext4_new_inode:1081: comm syz.4.11507: reserved inode found cleared - inode=18 [ 1146.242622][ T4275] EXT4-fs (loop4): unmounting filesystem. [ 1146.275678][T30761] netlink: 'syz.1.11512': attribute type 9 has an invalid length. [ 1146.335649][T23802] EXT4-fs (loop5): unmounting filesystem. [ 1146.588098][T30770] overlayfs: missing 'lowerdir' [ 1146.916310][T30784] netlink: 'syz.1.11523': attribute type 13 has an invalid length. [ 1146.938914][T30784] netlink: 'syz.1.11523': attribute type 12 has an invalid length. [ 1147.210138][T30794] loop4: detected capacity change from 0 to 2048 [ 1147.240371][T30796] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1147.265879][T30794] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1147.399043][T30798] syz.3.11530 (30798): drop_caches: 2 [ 1147.424123][ T14] usb 2-1: new high-speed USB device number 121 using dummy_hcd [ 1147.637976][ T14] usb 2-1: Using ep0 maxpacket: 16 [ 1147.646444][ T14] usb 2-1: config 0 has an invalid interface number: 105 but max is 0 [ 1147.663284][ T14] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1147.677807][ T14] usb 2-1: config 0 has no interface number 0 [ 1147.691092][ T14] usb 2-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.17 [ 1147.722008][ T14] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1147.742682][ T14] usb 2-1: Product: syz [ 1147.762416][T30815] libceph: resolve '96' (ret=-3): failed [ 1147.768499][ T14] usb 2-1: Manufacturer: syz [ 1147.773114][ T14] usb 2-1: SerialNumber: syz [ 1147.790258][ T14] usb 2-1: config 0 descriptor?? [ 1147.802326][ T14] usb 2-1: Found UVC 0.00 device syz (046d:08d3) [ 1147.808725][ T14] usb 2-1: No valid video chain found. [ 1148.067346][ T4318] usb 2-1: USB disconnect, device number 121 [ 1148.157011][T30831] Process accounting resumed [ 1148.472357][ T6976] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 1148.556219][T30854] loop5: detected capacity change from 0 to 164 [ 1148.677553][ T6976] usb 3-1: config 1 has an invalid interface number: 188 but max is 0 [ 1148.685780][ T6976] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1148.736002][T30858] netlink: 16 bytes leftover after parsing attributes in process `syz.3.11559'. [ 1148.740164][ T6976] usb 3-1: config 1 has no interface number 0 [ 1148.765379][ T6976] usb 3-1: config 1 interface 188 altsetting 209 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 1148.776879][T30858] netlink: 28 bytes leftover after parsing attributes in process `syz.3.11559'. [ 1148.793287][ T6976] usb 3-1: config 1 interface 188 has no altsetting 0 [ 1148.802574][T30862] autofs4:pid:30862:autofs_fill_super: called with bogus options [ 1148.803146][ T6976] usb 3-1: New USB device found, idVendor=2040, idProduct=7200, bcdDevice=5b.6b [ 1148.829859][ T6976] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1148.856523][ T6976] usb 3-1: Product: syz [ 1148.862941][ T6976] usb 3-1: Manufacturer: syz [ 1148.867565][ T6976] usb 3-1: SerialNumber: syz [ 1148.886509][ T6976] usb 3-1: cannot find UAC_HEADER [ 1148.940355][ T6976] snd-usb-audio: probe of 3-1:1.188 failed with error -22 [ 1148.970255][ T6810] udevd[6810]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.188/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1149.118161][ T6976] usb 3-1: USB disconnect, device number 7 [ 1149.163663][T30873] netlink: 36 bytes leftover after parsing attributes in process `syz.5.11566'. [ 1149.382737][ T26] audit: type=1326 audit(1777396253.185:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30883 comm="syz.1.11571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb2159cdd9 code=0x7ffc0000 [ 1149.462391][ T26] audit: type=1326 audit(1777396253.185:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30883 comm="syz.1.11571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb2159cdd9 code=0x7ffc0000 [ 1149.564320][ T26] audit: type=1326 audit(1777396253.222:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30883 comm="syz.1.11571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb2159cdd9 code=0x7ffc0000 [ 1149.629379][T30893] loop5: detected capacity change from 0 to 512 [ 1149.630605][ T26] audit: type=1326 audit(1777396253.222:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30883 comm="syz.1.11571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb2159cdd9 code=0x7ffc0000 [ 1149.647396][T30893] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1149.796492][ T26] audit: type=1326 audit(1777396253.222:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30883 comm="syz.1.11571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=282 compat=0 ip=0x7fbb2159cdd9 code=0x7ffc0000 [ 1149.875391][T30898] loop1: detected capacity change from 0 to 1764 [ 1149.884737][ T26] audit: type=1326 audit(1777396253.222:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30883 comm="syz.1.11571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb2159cdd9 code=0x7ffc0000 [ 1150.033283][ T26] audit: type=1326 audit(1777396253.222:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30883 comm="syz.1.11571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb2159cdd9 code=0x7ffc0000 [ 1150.101410][T30904] loop4: detected capacity change from 0 to 4096 [ 1150.132595][T30904] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 1150.148361][T30910] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11584'. [ 1150.175598][ T26] audit: type=1326 audit(1777396253.222:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30883 comm="syz.1.11571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fbb2159cdd9 code=0x7ffc0000 [ 1150.277129][ T26] audit: type=1326 audit(1777396253.222:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30883 comm="syz.1.11571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fbb2159cdd9 code=0x7ffc0000 [ 1150.306719][T30904] ntfs3: loop4: failed to convert "c46c" to cp936 [ 1150.534524][T30923] IPv6: ADDRCONF(NETDEV_CHANGE): netdevsim0: link becomes ready [ 1150.560076][T30923] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1150.888874][T30933] loop4: detected capacity change from 0 to 2048 [ 1150.926840][T30933] UDF-fs: error (device loop4): udf_load_logicalvol: error loading logical volume descriptor: Too many partition maps (4 > 0) [ 1150.926878][T30933] UDF-fs: Scanning with blocksize 512 failed [ 1150.960756][T30933] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 1150.960778][T30933] UDF-fs: Scanning with blocksize 1024 failed [ 1150.971697][T30933] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512 [ 1150.981529][T30933] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 1150.981549][T30933] UDF-fs: Scanning with blocksize 2048 failed [ 1150.990253][T30933] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 1151.002677][T30933] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512 [ 1151.003391][T30933] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 1151.003408][T30933] UDF-fs: Scanning with blocksize 4096 failed [ 1151.003420][T30933] UDF-fs: warning (device loop4): udf_fill_super: No partition found (1) [ 1151.057161][T30933] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 1151.057233][T30933] exFAT-fs (loop4): unable to read boot sector [ 1151.057244][T30933] exFAT-fs (loop4): failed to read boot sector [ 1151.057254][T30933] exFAT-fs (loop4): failed to recognize exfat type [ 1151.200261][ T6976] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 1151.414116][ T6976] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 1151.414147][ T6976] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1151.415767][ T6976] usb 6-1: config 0 descriptor?? [ 1151.605168][T30941] loop3: detected capacity change from 0 to 32768 [ 1151.713886][T30941] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 1151.925156][ T6976] ath6kl: Failed to submit usb control message: -71 [ 1151.939250][ T6976] ath6kl: unable to send the bmi data to the device: -71 [ 1151.948610][ T6976] ath6kl: Unable to send get target info: -71 [ 1151.956959][ T4279] ocfs2: Unmounting device (7,3) on (node local) [ 1151.969716][ T6976] ath6kl: Failed to init ath6kl core: -71 [ 1152.085622][ T6976] ath6kl_usb: probe of 6-1:0.0 failed with error -71 [ 1152.107356][ T6976] usb 6-1: USB disconnect, device number 11 [ 1152.147699][T30978] QAT: Device 6 not found [ 1152.422775][T30990] netlink: 'syz.1.11621': attribute type 10 has an invalid length. [ 1152.461101][T30990] device macvlan0 entered promiscuous mode [ 1152.535409][T30990] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 1152.744781][T31002] openvswitch: netlink: Tunnel attr 6 has unexpected len 4 expected 0 [ 1152.911148][T31007] netlink: 52 bytes leftover after parsing attributes in process `syz.5.11629'. [ 1153.199679][T31017] loop4: detected capacity change from 0 to 64 [ 1153.261666][T30996] loop3: detected capacity change from 0 to 32768 [ 1153.319437][T30996] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.11624 (30996) [ 1153.388922][T30996] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1153.436014][T30996] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 1153.444733][T30996] BTRFS info (device loop3): using free space tree [ 1153.839302][T31004] loop1: detected capacity change from 0 to 40427 [ 1153.850872][T30996] BTRFS info (device loop3): enabling ssd optimizations [ 1153.873314][T31004] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 1153.891469][T31004] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 1153.917390][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1153.925261][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1153.956274][T31054] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1153.990005][T31004] F2FS-fs (loop1): invalid crc value [ 1154.007083][ T33] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1154.042157][ T4279] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1154.047513][T31004] F2FS-fs (loop1): Found nat_bits in checkpoint [ 1154.225127][T31004] F2FS-fs (loop1): recover fsync data on readonly fs [ 1154.257077][T31004] F2FS-fs (loop1): Try to recover 1th superblock, ret: -30 [ 1154.285677][T31004] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 1154.372695][ T4261] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by udevd (4261) [ 1155.081438][T31085] netlink: 'syz.1.11651': attribute type 2 has an invalid length. [ 1155.190802][T31093] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1155.326355][ T26] audit: type=1326 audit(1777396258.737:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31095 comm="syz.1.11664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb2159cdd9 code=0x7ffc0000 [ 1155.364138][T31100] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11666'. [ 1155.433929][ T26] audit: type=1326 audit(1777396258.737:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31095 comm="syz.1.11664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb2159cdd9 code=0x7ffc0000 [ 1155.518529][ T26] audit: type=1326 audit(1777396258.756:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31095 comm="syz.1.11664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=445 compat=0 ip=0x7fbb2159cdd9 code=0x7ffc0000 [ 1155.627405][T31107] loop3: detected capacity change from 0 to 512 [ 1155.651069][ T26] audit: type=1326 audit(1777396258.756:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31095 comm="syz.1.11664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb2159cdd9 code=0x7ffc0000 [ 1155.674135][T31107] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 1155.676170][T31113] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1155.706093][ T26] audit: type=1326 audit(1777396258.756:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31095 comm="syz.1.11664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb2159cdd9 code=0x7ffc0000 [ 1155.735926][T31107] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 1155.767607][T31107] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e02c, mo2=0102] [ 1155.810885][T31107] System zones: 1-12 [ 1155.815829][T31107] EXT4-fs (loop3): orphan cleanup on readonly fs [ 1155.902847][T31107] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 33619980: comm syz.3.11668: invalid block [ 1155.935949][T31107] EXT4-fs (loop3): Remounting filesystem read-only [ 1155.960859][T31107] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.11668: invalid indirect mapped block 2 (level 2) [ 1155.969975][T31123] loop5: detected capacity change from 0 to 2048 [ 1155.985147][T31126] netlink: 'syz.2.11678': attribute type 10 has an invalid length. [ 1155.993494][T31126] netlink: 40 bytes leftover after parsing attributes in process `syz.2.11678'. [ 1156.006026][T31107] EXT4-fs (loop3): Remounting filesystem read-only [ 1156.012786][T31107] EXT4-fs (loop3): 1 truncate cleaned up [ 1156.023140][T31126] netlink: 'syz.2.11678': attribute type 10 has an invalid length. [ 1156.026450][T31107] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1156.051038][T31126] netlink: 40 bytes leftover after parsing attributes in process `syz.2.11678'. [ 1156.088987][T20532] usb 2-1: new high-speed USB device number 122 using dummy_hcd [ 1156.112022][T31107] loop3: Can't mount, would change RO state [ 1156.119340][T31123] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1156.148464][T31123] EXT4-fs error (device loop5): ext4_map_blocks:637: inode #12: block 2: comm syz.5.11677: lblock 0 mapped to illegal pblock 2 (length 1) [ 1156.163657][ T4279] EXT4-fs (loop3): unmounting filesystem. [ 1156.292140][T20532] usb 2-1: Using ep0 maxpacket: 16 [ 1156.298909][T20532] usb 2-1: config index 0 descriptor too short (expected 65532, got 18) [ 1156.326064][T23802] EXT4-fs (loop5): unmounting filesystem. [ 1156.335098][T20532] usb 2-1: config 0 has an invalid interface number: 0 but max is -1 [ 1156.352245][T31136] netlink: 'syz.4.11683': attribute type 10 has an invalid length. [ 1156.377747][T20532] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 1156.395101][T31136] device veth1_vlan left promiscuous mode [ 1156.402541][T31136] device macvlan0 entered promiscuous mode [ 1156.424096][T20532] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1156.467809][T20532] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1156.488918][T20532] usb 2-1: Product: syz [ 1156.489415][T31136] device veth1_vlan entered promiscuous mode [ 1156.493102][T20532] usb 2-1: Manufacturer: syz [ 1156.493121][T20532] usb 2-1: SerialNumber: syz [ 1156.529540][T31136] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 1156.549675][T20532] r8152-cfgselector 2-1: config 0 descriptor?? [ 1157.013211][T20532] r8152-cfgselector 2-1: Unknown version 0x0000 [ 1157.041307][T20532] r8152-cfgselector 2-1: USB disconnect, device number 122 [ 1157.230976][T31174] netlink: 'syz.2.11700': attribute type 10 has an invalid length. [ 1157.244334][ T4318] usb 5-1: new high-speed USB device number 109 using dummy_hcd [ 1157.257386][T31174] device macvlan0 entered promiscuous mode [ 1157.315883][T31174] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 1157.354472][T31178] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11701'. [ 1157.383837][T31178] device netdevsim0 entered promiscuous mode [ 1157.401763][T31178] netlink: 184 bytes leftover after parsing attributes in process `syz.5.11701'. [ 1157.471411][ T4318] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 1157.490791][ T4318] usb 5-1: config 4 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 1157.533736][ T4318] usb 5-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1157.598650][ T4318] usb 5-1: New USB device found, idVendor=03f0, idProduct=0004, bcdDevice= 0.40 [ 1157.618896][ T4318] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1157.637800][ T4318] usb 5-1: Product: syz [ 1157.642271][ T4318] usb 5-1: Manufacturer: syz [ 1157.646886][ T4318] usb 5-1: SerialNumber: syz [ 1157.680271][ T4318] usblp0: Disabling reads from problematic bidirectional printer [ 1157.901958][ T4318] usblp 5-1:4.0: usblp0: USB Unidirectional printer dev 109 if 0 alt 0 proto 1 vid 0x03F0 pid 0x0004 [ 1157.935721][ T4318] usb 5-1: USB disconnect, device number 109 [ 1157.958220][ T4318] usblp0: removed [ 1157.984907][T31204] netlink: 'syz.5.11715': attribute type 10 has an invalid length. [ 1157.993797][T31204] device macvlan0 entered promiscuous mode [ 1158.031315][T31204] team0: Port device macvlan0 removed [ 1158.040460][T31204] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 1158.057284][ T6965] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 1158.098412][ T26] audit: type=1400 audit(1777396261.327:224): apparmor="DENIED" operation="change_onexec" info="label not found" error=-2 profile="unconfined" name=3AA009F5 pid=31205 comm="syz.3.11717" [ 1158.121563][ T14] usb 2-1: new high-speed USB device number 123 using dummy_hcd [ 1158.292777][ T6965] usb 3-1: Using ep0 maxpacket: 32 [ 1158.307090][ T6965] usb 3-1: config 0 has an invalid interface number: 35 but max is 0 [ 1158.324655][ T6965] usb 3-1: config 0 has no interface number 0 [ 1158.330812][ T6965] usb 3-1: config 0 interface 35 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1158.348843][ T6965] usb 3-1: config 0 interface 35 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 1158.359177][ T14] usb 2-1: Using ep0 maxpacket: 16 [ 1158.379180][ T14] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 1158.389049][ T14] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid wMaxPacketSize 0 [ 1158.399126][ T14] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1158.399855][ T6965] usb 3-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad [ 1158.416078][ T14] usb 2-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice= 2.eb [ 1158.425348][ T14] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1158.433648][ T6965] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1158.441678][ T6965] usb 3-1: Product: syz [ 1158.447932][ T14] usb 2-1: config 0 descriptor?? [ 1158.453160][ T6965] usb 3-1: Manufacturer: syz [ 1158.457994][ T6965] usb 3-1: SerialNumber: syz [ 1158.468490][ T6965] usb 3-1: config 0 descriptor?? [ 1158.552997][T31208] loop5: detected capacity change from 0 to 32768 [ 1158.598114][ T4318] usb 4-1: new high-speed USB device number 92 using dummy_hcd [ 1158.621346][T31208] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 1158.700332][ T6965] radio-si470x 3-1:0.35: this is not a si470x device. [ 1158.714863][T23802] ocfs2: Unmounting device (7,5) on (node local) [ 1158.799628][ T4318] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1158.822788][ T4318] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1158.837137][ T4318] usb 4-1: Product: syz [ 1158.841662][ T4318] usb 4-1: Manufacturer: syz [ 1158.846349][ T4318] usb 4-1: SerialNumber: syz [ 1158.872241][ T4318] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1158.904294][ T14] usb 2-1: USB disconnect, device number 123 [ 1158.926252][T20532] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1158.954750][ T6965] radio-raremono 3-1:0.35: this is not Thanko's Raremono. [ 1158.986138][ T6965] usb 3-1: USB disconnect, device number 8 [ 1159.041956][T31226] kAFS: unparsable volume name [ 1159.160704][ C1] usb 4-1: ath: unknown panic pattern! [ 1159.416500][T20527] usb 4-1: USB disconnect, device number 92 [ 1160.003497][ T4318] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 1160.068758][T20532] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 1160.075815][T20532] ath9k_htc: Failed to initialize the device [ 1160.098992][T20527] usb 4-1: ath9k_htc: USB layer deinitialized [ 1160.207563][ T4318] usb 3-1: Using ep0 maxpacket: 16 [ 1160.217183][ T4318] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 1160.250294][ T4318] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1160.258326][ T4318] usb 3-1: Product: syz [ 1160.268462][ T4318] usb 3-1: Manufacturer: syz [ 1160.282387][ T4318] usb 3-1: SerialNumber: syz [ 1160.325358][ T4318] r8152-cfgselector 3-1: config 0 descriptor?? [ 1160.384781][T31281] loop4: detected capacity change from 0 to 2048 [ 1160.419120][T31281] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=301129, location=301129 [ 1160.491783][T31281] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1160.777143][ T4318] r8152-cfgselector 3-1: Unknown version 0x0000 [ 1160.788016][ T4318] r8152-cfgselector 3-1: USB disconnect, device number 9 [ 1160.799216][ T26] audit: type=1326 audit(1777396263.860:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31294 comm="syz.4.11759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec74b9cdd9 code=0x7ffc0000 [ 1160.920379][ T26] audit: type=1326 audit(1777396263.860:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31294 comm="syz.4.11759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec74b9cdd9 code=0x7ffc0000 [ 1160.967686][T31299] netlink: 'syz.5.11760': attribute type 9 has an invalid length. [ 1160.975541][T31299] netlink: 'syz.5.11760': attribute type 7 has an invalid length. [ 1160.986611][ T26] audit: type=1326 audit(1777396263.879:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31294 comm="syz.4.11759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec74b9cdd9 code=0x7ffc0000 [ 1161.044288][ T26] audit: type=1326 audit(1777396263.879:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31294 comm="syz.4.11759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec74b9cdd9 code=0x7ffc0000 [ 1161.052533][T31299] netlink: 'syz.5.11760': attribute type 8 has an invalid length. [ 1161.085264][ T26] audit: type=1326 audit(1777396263.879:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31294 comm="syz.4.11759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7fec74b9cdd9 code=0x7ffc0000 [ 1161.191441][ T26] audit: type=1326 audit(1777396263.879:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31294 comm="syz.4.11759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec74b9cdd9 code=0x7ffc0000 [ 1161.219581][ T26] audit: type=1326 audit(1777396263.879:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31294 comm="syz.4.11759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec74b9cdd9 code=0x7ffc0000 [ 1161.289613][ T26] audit: type=1326 audit(1777396263.879:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31294 comm="syz.4.11759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fec74b9cdd9 code=0x7ffc0000 [ 1161.368203][ T26] audit: type=1326 audit(1777396263.879:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31294 comm="syz.4.11759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fec74b9cdd9 code=0x7ffc0000 [ 1161.425013][T31308] loop4: detected capacity change from 0 to 4096 [ 1161.510289][T31308] ntfs3: loop4: ino=5, "/" directory corrupted [ 1161.583393][T31292] loop3: detected capacity change from 0 to 32768 [ 1161.623316][T31292] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop3 scanned by syz.3.11757 (31292) [ 1161.662874][T31292] BTRFS info (device loop3): first mount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 1161.704759][T31292] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 1161.736964][T31292] BTRFS info (device loop3): turning on async discard [ 1161.758690][T31292] BTRFS info (device loop3): using free space tree [ 1162.022122][T31346] loop1: detected capacity change from 0 to 512 [ 1162.074676][T31292] BTRFS info (device loop3): enabling ssd optimizations [ 1162.087696][T31353] xt_l2tp: v2 doesn't support IP mode [ 1162.156464][T31346] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1162.186645][T31346] ext4 filesystem being mounted at /2325/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1162.212700][T31361] netlink: 16 bytes leftover after parsing attributes in process `syz.5.11778'. [ 1162.254404][T31346] EXT4-fs: Cannot specify journal on remount [ 1162.301811][ T4279] BTRFS info (device loop3): last unmount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 1162.399239][ T4271] EXT4-fs (loop1): unmounting filesystem. [ 1162.762920][T31376] loop5: detected capacity change from 0 to 512 [ 1162.848336][T31376] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 1162.892654][T31376] ext4 filesystem being mounted at /647/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1163.173863][T23802] EXT4-fs (loop5): unmounting filesystem. [ 1163.215465][T31395] siw: device registration error -23 [ 1163.247338][T31393] netlink: 'syz.3.11795': attribute type 10 has an invalid length. [ 1163.278977][T31393] device veth1_vlan left promiscuous mode [ 1163.289095][T31393] device macvlan0 entered promiscuous mode [ 1163.358755][T31393] team0: Port device macvlan0 removed [ 1163.396642][T31393] device veth1_vlan entered promiscuous mode [ 1163.428833][T31401] 9pnet: Found fid 0 not clunked [ 1163.457874][T31393] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 1163.775757][T31417] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1164.117356][T31433] loop3: detected capacity change from 0 to 2048 [ 1164.180053][T31433] loop3: p1 p2 < > p3 < p5 > p4 [ 1164.215464][T31433] loop3: partition table partially beyond EOD, truncated [ 1164.244261][T31439] netlink: 28 bytes leftover after parsing attributes in process `syz.2.11816'. [ 1164.267924][T31433] loop3: p1 size 917504 extends beyond EOD, truncated [ 1164.304775][T31433] loop3: p2 start 4278190080 is beyond EOD, truncated [ 1164.314650][T31433] loop3: p4 start 150994949 is beyond EOD, truncated [ 1164.331544][T31433] loop3: p5 size 917504 extends beyond EOD, truncated [ 1164.500591][T31449] netlink: 'syz.2.11821': attribute type 2 has an invalid length. [ 1164.526135][T31451] netlink: 10 bytes leftover after parsing attributes in process `syz.5.11822'. [ 1164.550734][T31449] netlink: 224 bytes leftover after parsing attributes in process `syz.2.11821'. [ 1164.721249][ T4261] udevd[4261]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 1164.723516][ T6810] udevd[6810]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 1164.757799][ T4624] udevd[4624]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory [ 1164.851438][T31463] netlink: 'syz.2.11828': attribute type 11 has an invalid length. [ 1165.213538][T31479] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 1165.227558][T31482] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=on. [ 1165.250715][T31482] overlayfs: overlapping lowerdir path [ 1165.426085][T31489] loop1: detected capacity change from 0 to 512 [ 1165.490094][T31487] loop4: detected capacity change from 0 to 4096 [ 1165.517987][T31489] EXT4-fs (loop1): orphan cleanup on readonly fs [ 1165.588697][T31489] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13 [ 1165.631475][T31489] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1126: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 1165.678228][ T26] audit: type=1326 audit(1777396268.422:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31499 comm="syz.3.11849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448c79cdd9 code=0x7ffc0000 [ 1165.718191][T31489] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.11842: attempt to clear invalid blocks 2 len 1 [ 1165.744319][T31489] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.11842: invalid indirect mapped block 1819239214 (level 0) [ 1165.826442][T31489] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.11842: invalid indirect mapped block 1819239214 (level 1) [ 1165.859671][T31507] netlink: 48 bytes leftover after parsing attributes in process `syz.5.11850'. [ 1165.905203][T31489] EXT4-fs (loop1): 1 truncate cleaned up [ 1165.915288][T31489] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1165.995494][T31489] EXT4-fs error (device loop1): __ext4_remount:6650: comm syz.1.11842: Abort forced by user [ 1166.059605][T31489] EXT4-fs (loop1): re-mounted. Quota mode: writeback. [ 1166.226331][ T4271] EXT4-fs (loop1): unmounting filesystem. [ 1166.918102][T31554] netlink: 'syz.2.11871': attribute type 2 has an invalid length. [ 1166.964215][T31560] netlink: 16 bytes leftover after parsing attributes in process `syz.5.11870'. [ 1167.628700][T31588] ip6t_REJECT: ECHOREPLY is not supported [ 1167.853327][T31592] loop5: detected capacity change from 0 to 4096 [ 1167.874045][T31592] ntfs3: loop5: Different NTFS' sector size (2048) and media sector size (512) [ 1167.941348][T31592] ntfs3: loop5: Failed to load root. [ 1168.158353][T31607] binder: 31606:31607 ioctl c018620c 0 returned -14 [ 1168.597249][T31624] netlink: 'syz.1.11902': attribute type 11 has an invalid length. [ 1168.794223][T31592] loop5: detected capacity change from 0 to 32768 [ 1168.815221][T31633] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11906'. [ 1168.825910][T31592] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.11887 (31592) [ 1168.840895][T31633] netlink: 56 bytes leftover after parsing attributes in process `syz.1.11906'. [ 1168.904311][T31592] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1168.942773][T31592] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm [ 1168.967418][T31592] BTRFS info (device loop5): using free space tree [ 1169.108969][T31654] netlink: 220 bytes leftover after parsing attributes in process `syz.4.11913'. [ 1169.119566][T31654] unsupported nlmsg_type 40 [ 1169.458402][T31592] BTRFS info (device loop5): enabling ssd optimizations [ 1169.642893][T23802] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1169.677642][T31681] netlink: 'syz.2.11921': attribute type 21 has an invalid length. [ 1169.719032][T31681] netlink: 132 bytes leftover after parsing attributes in process `syz.2.11921'. [ 1169.774971][T31681] netlink: 'syz.2.11921': attribute type 1 has an invalid length. [ 1169.897740][ T6810] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 9 /dev/loop5 scanned by udevd (6810) [ 1170.211297][T31704] netlink: 'syz.1.11932': attribute type 5 has an invalid length. [ 1170.354902][ T6893] usb 4-1: new high-speed USB device number 93 using dummy_hcd [ 1170.496969][T31712] loop1: detected capacity change from 0 to 2048 [ 1170.573325][ T6893] usb 4-1: Using ep0 maxpacket: 32 [ 1170.582853][ T6893] usb 4-1: New USB device found, idVendor=0458, idProduct=7005, bcdDevice=1a.51 [ 1170.603668][ T6893] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1170.617280][T31712] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1170.638816][ T6893] usb 4-1: Product: syz [ 1170.649420][ T6893] usb 4-1: Manufacturer: syz [ 1170.654042][ T6893] usb 4-1: SerialNumber: syz [ 1170.691974][ T6893] usb 4-1: config 0 descriptor?? [ 1170.720925][ T6893] gspca_main: sn9c2028-2.14.0 probing 0458:7005 [ 1170.934895][ T6893] gspca_sn9c2028: read1 error -71 [ 1170.940630][T31727] netlink: 'syz.1.11943': attribute type 5 has an invalid length. [ 1170.948824][ T6893] gspca_sn9c2028: read1 error -71 [ 1170.954878][T31730] loop5: detected capacity change from 0 to 64 [ 1170.963333][ T6893] gspca_sn9c2028: read1 error -71 [ 1170.979287][ T6893] sn9c2028: probe of 4-1:0.0 failed with error -71 [ 1171.007797][ T6893] usb 4-1: USB disconnect, device number 93 [ 1171.292089][T31742] delete_channel: no stack [ 1172.156642][ T4318] usb 4-1: new high-speed USB device number 94 using dummy_hcd [ 1172.219474][T31755] loop4: detected capacity change from 0 to 32768 [ 1172.280972][T31789] ieee802154 phy0 wpan0: encryption failed: -90 [ 1172.321800][T31755] XFS (loop4): Mounting V5 Filesystem [ 1172.371812][ T4318] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 1172.380899][ T4318] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1172.433375][ T4318] usb 4-1: config 0 descriptor?? [ 1172.465940][T31755] XFS (loop4): Ending clean mount [ 1172.604903][ T4275] XFS (loop4): Unmounting Filesystem [ 1172.800985][T31814] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11983'. [ 1172.810949][T31814] netlink: 348 bytes leftover after parsing attributes in process `syz.1.11983'. [ 1172.898171][ T4318] usb 4-1: Cannot set MAC address [ 1172.903319][ T4318] MOSCHIP usb-ethernet driver: probe of 4-1:0.0 failed with error -71 [ 1172.949207][ T4318] usb 4-1: USB disconnect, device number 94 [ 1173.259006][T31825] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.11988'. [ 1173.613278][T31837] netlink: 224 bytes leftover after parsing attributes in process `syz.1.11992'. [ 1173.654307][T31837] netlink: 16 bytes leftover after parsing attributes in process `syz.1.11992'. [ 1173.818204][T31843] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11996'. [ 1174.390206][T31867] netlink: 'syz.1.12007': attribute type 4 has an invalid length. [ 1174.413720][T31867] netlink: 204 bytes leftover after parsing attributes in process `syz.1.12007'. [ 1174.432022][T31853] loop3: detected capacity change from 0 to 32768 [ 1174.459698][T31853] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 9 [ 1174.526068][ T6810] I/O error, dev loop3, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1175.483609][T31912] netlink: 32 bytes leftover after parsing attributes in process `syz.3.12030'. [ 1176.022332][T31938] netlink: 'syz.5.12042': attribute type 10 has an invalid length. [ 1176.055195][T31938] team0: Device hsr_slave_0 failed to register rx_handler [ 1176.177911][T31945] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12046'. [ 1176.223651][T31945] openvswitch: netlink: Flow key attr not present in new flow. [ 1176.307196][ T6893] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 1176.381896][T31951] netlink: 'syz.3.12049': attribute type 2 has an invalid length. [ 1176.400830][T31951] netlink: 36 bytes leftover after parsing attributes in process `syz.3.12049'. [ 1176.521181][ T6893] usb 3-1: Using ep0 maxpacket: 32 [ 1176.530559][ T6893] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=67.fe [ 1176.572836][ T6893] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1176.583633][ T6893] usb 3-1: Product: syz [ 1176.593506][T31929] loop4: detected capacity change from 0 to 32768 [ 1176.602956][ T6893] usb 3-1: Manufacturer: syz [ 1176.608106][ T6893] usb 3-1: SerialNumber: syz [ 1176.620979][ T6893] usb 3-1: config 0 descriptor?? [ 1176.658796][T31929] JBD2: Ignoring recovery information on journal [ 1176.708549][T31963] netlink: 'syz.3.12054': attribute type 4 has an invalid length. [ 1176.824137][T31929] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 1176.850761][ T6893] snd-usb-6fire 3-1:0.0: unknown device firmware state received from device: [ 1176.880627][ T6893] 00 00 00 00 00 00 00 00 [ 1176.890460][ T6893] snd-usb-6fire: probe of 3-1:0.0 failed with error -5 [ 1176.968243][T31929] OCFS2: ERROR (device loop4): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #1792 has bad signature [ 1177.034984][T31929] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 1177.098488][ T4314] usb 3-1: USB disconnect, device number 10 [ 1177.117503][T31929] OCFS2: Returning error to the calling process. [ 1177.141435][T31977] loop5: detected capacity change from 0 to 16 [ 1177.151140][T31929] (syz.4.12038,31929,1):ocfs2_search_chain:1785 ERROR: status = -5 [ 1177.179037][T31977] erofs: (device loop5): mounted with root inode @ nid 36. [ 1177.193480][T31929] (syz.4.12038,31929,1):ocfs2_search_chain:1871 ERROR: status = -5 [ 1177.227251][T31929] (syz.4.12038,31929,1):ocfs2_claim_suballoc_bits:1950 ERROR: status = -5 [ 1177.242611][T31979] loop1: detected capacity change from 0 to 164 [ 1177.246152][T31977] erofs: (device loop5): erofs_map_blocks_flatmode: inline data cross block boundary @ nid 86 [ 1177.261621][T31976] loop3: detected capacity change from 0 to 4096 [ 1177.266132][T31929] (syz.4.12038,31929,1):ocfs2_claim_suballoc_bits:1993 ERROR: status = -5 [ 1177.289569][T31929] (syz.4.12038,31929,1):ocfs2_claim_new_inode:2226 ERROR: status = -5 [ 1177.296424][T31976] __ntfs_warning: 8 callbacks suppressed [ 1177.296437][T31976] ntfs: (device loop3): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 1177.316243][T31977] erofs: (device loop5): erofs_map_blocks_flatmode: inline data cross block boundary @ nid 86 [ 1177.327395][T31979] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 1177.345879][T31929] (syz.4.12038,31929,1):ocfs2_claim_new_inode:2241 ERROR: status = -5 [ 1177.355844][T31929] (syz.4.12038,31929,1):ocfs2_mknod_locked:639 ERROR: status = -5 [ 1177.396175][T31976] ntfs: (device loop3): ntfs_read_locked_inode(): Corrupt standard information attribute in inode. [ 1177.413022][T31929] (syz.4.12038,31929,1):ocfs2_mknod:385 ERROR: status = -5 [ 1177.432928][T31929] (syz.4.12038,31929,1):ocfs2_mknod:502 ERROR: status = -5 [ 1177.440745][T31929] (syz.4.12038,31929,1):ocfs2_create:676 ERROR: status = -5 [ 1177.473620][T31976] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 1177.512466][T31976] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 1177.527858][T31981] netlink: 28 bytes leftover after parsing attributes in process `syz.1.12063'. [ 1177.558109][T31976] ntfs: volume version 3.1. [ 1177.582403][ T4275] ocfs2: Unmounting device (7,4) on (node local) [ 1177.658313][T31976] ntfs: (device loop3): ntfs_nlstoucs(): Name is too long (maximum length for a name on NTFS is 255 Unicode characters. [ 1177.817853][ T4279] ntfs: (device loop3): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 1178.179570][T32005] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12074'. [ 1178.292663][T32007] netlink: 220 bytes leftover after parsing attributes in process `syz.5.12077'. [ 1178.306429][T32009] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12076'. [ 1178.720891][T32025] loop3: detected capacity change from 0 to 4096 [ 1179.555364][T32066] netlink: 220 bytes leftover after parsing attributes in process `syz.3.12105'. [ 1179.601698][T32066] tc_dump_action: action bad kind [ 1180.204392][T32099] netlink: 64 bytes leftover after parsing attributes in process `syz.3.12121'. [ 1180.347348][T32099] Process accounting paused [ 1180.351672][ T26] audit: type=1326 audit(1777396282.135:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32107 comm="syz.5.12125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c13f9cdd9 code=0x7ffc0000 [ 1180.400047][ T4314] usb 5-1: new high-speed USB device number 110 using dummy_hcd [ 1180.425338][ T26] audit: type=1326 audit(1777396282.173:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32107 comm="syz.5.12125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7f6c13f9cdd9 code=0x7ffc0000 [ 1180.475384][ T26] audit: type=1326 audit(1777396282.173:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32107 comm="syz.5.12125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c13f9cdd9 code=0x7ffc0000 [ 1180.530849][ T26] audit: type=1326 audit(1777396282.173:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32107 comm="syz.5.12125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c13f9cdd9 code=0x7ffc0000 [ 1180.611156][ T4314] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1180.632302][ T4314] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1180.667231][ T4314] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 32768, setting to 1024 [ 1180.703834][ T4314] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1180.710460][T32125] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 1180.710460][T32125] The task syz.5.12132 (32125) triggered the difference, watch for misbehavior. [ 1180.725346][ T4314] usb 5-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94 [ 1180.735512][ T6893] usb 2-1: new high-speed USB device number 124 using dummy_hcd [ 1180.744523][ T4314] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1180.804087][ T4314] usb 5-1: config 0 descriptor?? [ 1180.941097][ T6893] usb 2-1: too many configurations: 125, using maximum allowed: 8 [ 1180.970290][ T6893] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1180.986831][ T6893] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1180.996724][ T6893] usb 2-1: Product: syz [ 1181.001519][ T6893] usb 2-1: Manufacturer: syz [ 1181.012972][ T6893] usb 2-1: SerialNumber: syz [ 1181.034430][ T6893] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1181.049540][ T4314] usb 5-1: USB disconnect, device number 110 [ 1181.080010][ T4318] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1181.286597][T32147] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12144'. [ 1181.449969][T32153] cgroup: noprefix used incorrectly [ 1181.545223][T32157] loop3: detected capacity change from 0 to 64 [ 1181.570924][ T4314] usb 2-1: USB disconnect, device number 124 [ 1181.705664][T32161] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12150'. [ 1181.736953][T32161] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12150'. [ 1181.772633][T32161] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12150'. [ 1181.793260][T32161] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 1181.918430][T32171] loop3: detected capacity change from 0 to 512 [ 1181.987041][T32171] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 1182.012524][T32171] EXT4-fs (loop3): orphan cleanup on readonly fs [ 1182.026786][T32171] EXT4-fs error (device loop3): ext4_acquire_dquot:6841: comm syz.3.12155: Failed to acquire dquot type 1 [ 1182.041460][T32171] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.12155: bg 0: block 40: padding at end of block bitmap is not set [ 1182.055975][ T4317] usb 5-1: new high-speed USB device number 111 using dummy_hcd [ 1182.066894][T32171] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6180: Corrupt filesystem [ 1182.092894][T32171] EXT4-fs (loop3): 1 truncate cleaned up [ 1182.104253][T32171] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1182.221394][T32171] EXT4-fs error (device loop3): ext4_get_link:104: inode #16: comm syz.3.12155: bad symlink. [ 1182.233729][ T4318] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 1182.240723][ T4318] ath9k_htc: Failed to initialize the device [ 1182.264225][ T4314] usb 2-1: ath9k_htc: USB layer deinitialized [ 1182.275478][ T4317] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1182.296006][ T4317] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1182.335901][ T4317] usb 5-1: Product: syz [ 1182.343684][ T4317] usb 5-1: Manufacturer: syz [ 1182.348302][ T4317] usb 5-1: SerialNumber: syz [ 1182.371883][T32188] loop5: detected capacity change from 0 to 512 [ 1182.383401][ T4317] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1182.400461][ T4279] EXT4-fs (loop3): unmounting filesystem. [ 1182.424449][T32188] FAT-fs (loop5): Unrecognized mount option "shortnutf8=1" or missing value [ 1182.493733][ T4317] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1182.736372][ T6893] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 1182.939697][ T6893] usb 6-1: Using ep0 maxpacket: 8 [ 1182.949383][ T6893] usb 6-1: config 0 has an invalid interface number: 88 but max is 3 [ 1182.965021][ T6978] usb 5-1: USB disconnect, device number 111 [ 1182.973921][ T6893] usb 6-1: config 0 has an invalid interface number: 250 but max is 3 [ 1183.002184][ T6893] usb 6-1: config 0 has an invalid descriptor of length 105, skipping remainder of the config [ 1183.025059][ T6893] usb 6-1: config 0 has 2 interfaces, different from the descriptor's value: 4 [ 1183.056735][ T6893] usb 6-1: config 0 has no interface number 0 [ 1183.087715][ T6893] usb 6-1: config 0 has no interface number 1 [ 1183.094877][ T26] kauditd_printk_skb: 2 callbacks suppressed [ 1183.094889][ T26] audit: type=1326 audit(1777396284.706:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32212 comm="syz.2.12175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5919cdd9 code=0x7ffc0000 [ 1183.125061][ T6893] usb 6-1: config 0 interface 88 has no altsetting 0 [ 1183.131788][ T6893] usb 6-1: config 0 interface 250 has no altsetting 0 [ 1183.138862][ T6893] usb 6-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=12.b3 [ 1183.148382][ T26] audit: type=1326 audit(1777396284.743:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32212 comm="syz.2.12175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5919cdd9 code=0x7ffc0000 [ 1183.184941][ T6893] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1183.201209][ T6893] usb 6-1: config 0 descriptor?? [ 1183.208753][ T26] audit: type=1326 audit(1777396284.753:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32212 comm="syz.2.12175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7f3e5919cdd9 code=0x7ffc0000 [ 1183.241669][ T26] audit: type=1326 audit(1777396284.753:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32212 comm="syz.2.12175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5919cdd9 code=0x7ffc0000 [ 1183.281908][ T4314] usb 2-1: new high-speed USB device number 125 using dummy_hcd [ 1183.291706][ T26] audit: type=1326 audit(1777396284.753:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32212 comm="syz.2.12175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e5919cdd9 code=0x7ffc0000 [ 1183.433314][ T6893] usb 6-1: string descriptor 0 read error: -71 [ 1183.467878][ T6893] usb 6-1: USB disconnect, device number 12 [ 1183.482201][ T4314] usb 2-1: config 0 has an invalid interface number: 50 but max is 0 [ 1183.501413][ T4314] usb 2-1: config 0 has no interface number 0 [ 1183.511211][ T4314] usb 2-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1183.562341][ T4314] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc [ 1183.578411][ T4314] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1183.613978][ T4314] usb 2-1: Product: syz [ 1183.618170][ T4314] usb 2-1: Manufacturer: syz [ 1183.624447][ T4314] usb 2-1: SerialNumber: syz [ 1183.644748][ T4314] usb 2-1: config 0 descriptor?? [ 1183.653941][T32231] loop4: detected capacity change from 0 to 64 [ 1183.697733][ T4317] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 1183.705742][ T4314] yurex 2-1:0.50: USB YUREX device now attached to Yurex #0 [ 1183.713746][ T4317] ath9k_htc: Failed to initialize the device [ 1183.720341][ T6978] usb 5-1: ath9k_htc: USB layer deinitialized [ 1183.724080][T32233] netlink: 'syz.3.12185': attribute type 10 has an invalid length. [ 1183.736451][T32231] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 1183.777614][T32233] netlink: 40 bytes leftover after parsing attributes in process `syz.3.12185'. [ 1183.859144][T32233] team0: Port device geneve0 added [ 1183.930617][ C0] yurex 2-1:0.50: yurex_interrupt - overflow with length 8, actual length is 8 [ 1183.984362][T32237] loop4: detected capacity change from 0 to 8 [ 1184.027888][T32240] netlink: 65051 bytes leftover after parsing attributes in process `syz.2.12189'. [ 1184.067086][T32237] SQUASHFS error: Failed to read block 0x85: -5 [ 1184.082754][T32237] SQUASHFS error: Failed to read block 0x85: -5 [ 1184.133837][ T26] audit: type=1800 audit(1777396285.669:252): pid=32237 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.12187" name="file1" dev="loop4" ino=5 res=0 errno=0 [ 1184.166010][T20527] usb 2-1: USB disconnect, device number 125 [ 1184.185884][T20527] yurex 2-1:0.50: USB YUREX #0 now disconnected [ 1184.216661][ T26] audit: type=1326 audit(1777396285.734:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32244 comm="syz.5.12191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c13f9cdd9 code=0x7ffc0000 [ 1184.317096][ T26] audit: type=1326 audit(1777396285.734:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32244 comm="syz.5.12191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c13f9cdd9 code=0x7ffc0000 [ 1184.372212][ T26] audit: type=1326 audit(1777396285.734:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32244 comm="syz.5.12191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c13f9cdd9 code=0x7ffc0000 [ 1184.394680][ C1] vkms_vblank_simulate: vblank timer overrun [ 1184.469363][ T26] audit: type=1326 audit(1777396285.753:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32244 comm="syz.5.12191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f6c13f9cdd9 code=0x7ffc0000 [ 1184.609587][T32261] cgroup: Need name or subsystem set [ 1185.530966][T32298] netlink: 260 bytes leftover after parsing attributes in process `syz.4.12217'. [ 1185.634856][T32300] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1185.678700][T32300] bond0: (slave sit0): The slave device specified does not support setting the MAC address [ 1185.722017][T32300] bond0: (slave sit0): Error -95 calling set_mac_address [ 1186.878322][T32361] IPv6: Can't replace route, no match found [ 1187.325024][T32383] netlink: 'syz.4.12253': attribute type 10 has an invalid length. [ 1187.325047][T32383] netlink: 40 bytes leftover after parsing attributes in process `syz.4.12253'. [ 1187.384819][T32383] team0: Port device geneve0 added [ 1187.559418][T32392] comedi comedi4: bad chanlist[0]=0x00400006 chan=6 range length=2 [ 1187.835327][T32403] loop4: detected capacity change from 0 to 2048 [ 1187.923507][T32403] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1188.143613][T32415] netlink: 32 bytes leftover after parsing attributes in process `syz.2.12266'. [ 1188.280914][T32417] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12267'. [ 1188.342895][T32425] tmpfs: Bad value for 'mpol' [ 1188.478297][T32428] loop1: detected capacity change from 0 to 512 [ 1188.546367][T32430] Cannot find del_set index 1536 as target [ 1188.582970][T32436] netlink: 224 bytes leftover after parsing attributes in process `syz.4.12274'. [ 1188.626708][T32428] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1188.630790][T32436] netlink: 16 bytes leftover after parsing attributes in process `syz.4.12274'. [ 1188.747685][T32428] ext4 filesystem being mounted at /2425/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1188.953396][T32428] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2916: inode #15: comm syz.1.12272: corrupted xattr block 33 [ 1188.991443][T32428] EXT4-fs warning (device loop1): ext4_evict_inode:301: xattr delete (err -74) [ 1189.104095][T32448] loop3: detected capacity change from 0 to 4096 [ 1189.111385][T32448] __ntfs_warning: 10 callbacks suppressed [ 1189.111398][T32448] ntfs: (device loop3): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 1189.137593][ C1] vkms_vblank_simulate: vblank timer overrun [ 1189.301446][T32448] ntfs: volume version 3.1. [ 1189.323767][ T4271] EXT4-fs (loop1): unmounting filesystem. [ 1189.603839][T32470] netlink: 'syz.2.12287': attribute type 10 has an invalid length. [ 1189.668556][T32470] netlink: 40 bytes leftover after parsing attributes in process `syz.2.12287'. [ 1189.727535][T32481] netlink: 68 bytes leftover after parsing attributes in process `syz.1.12291'. [ 1189.750025][T32470] team0: Port device geneve0 added [ 1190.200318][T32500] loop4: detected capacity change from 0 to 512 [ 1190.236235][T32500] EXT4-fs: Ignoring removed nobh option [ 1190.285403][T32500] EXT4-fs (loop4): orphan cleanup on readonly fs [ 1190.293015][T32505] libceph: secret too big 31 [ 1190.400575][T32500] EXT4-fs warning (device loop4): ext4_xattr_inode_get:506: inode #11: comm syz.4.12299: EA inode hash validation failed [ 1190.413859][T32500] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2800: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 1190.440190][T32500] EXT4-fs error (device loop4): ext4_do_update_inode:5279: inode #15: comm syz.4.12299: corrupted inode contents [ 1190.511783][T32500] EXT4-fs error (device loop4): ext4_dirty_inode:6156: inode #15: comm syz.4.12299: mark_inode_dirty error [ 1190.544431][T32500] EXT4-fs error (device loop4): ext4_do_update_inode:5279: inode #15: comm syz.4.12299: corrupted inode contents [ 1190.557096][T32514] netlink: 'syz.2.12304': attribute type 2 has an invalid length. [ 1190.584701][T32500] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2945: inode #15: comm syz.4.12299: mark_inode_dirty error [ 1190.607486][T32514] device .d entered promiscuous mode [ 1190.644391][T32500] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2948: inode #15: comm syz.4.12299: mark inode dirty (error -117) [ 1190.684917][T32500] EXT4-fs warning (device loop4): ext4_evict_inode:301: xattr delete (err -117) [ 1190.715761][T32500] EXT4-fs (loop4): 1 orphan inode deleted [ 1190.748027][T32500] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1190.920916][ T4275] EXT4-fs (loop4): unmounting filesystem. [ 1191.581486][T32510] loop5: detected capacity change from 0 to 32768 [ 1191.783124][T32563] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12325'. [ 1191.795436][T32510] XFS (loop5): Mounting V5 Filesystem [ 1191.845441][T32567] loop3: detected capacity change from 0 to 128 [ 1192.034006][T32510] XFS (loop5): Ending clean mount [ 1192.275514][T23802] XFS (loop5): Unmounting Filesystem [ 1192.346615][T32588] xt_hashlimit: max too large, truncated to 1048576 [ 1192.511254][T32591] cgroup: Unknown subsys name 'pcr' [ 1193.683875][T32645] netlink: 'syz.4.12362': attribute type 10 has an invalid length. [ 1193.773964][T32645] team0: Device veth1_macvtap failed to register rx_handler [ 1193.818656][T32649] trusted_key: encrypted_key: master key parameter 'trusted:' is invalid [ 1193.837563][T32651] netlink: 'syz.5.12364': attribute type 1 has an invalid length. [ 1194.051621][T32661] xt_ecn: cannot match TCP bits for non-tcp packets [ 1194.051944][T32660] loop4: detected capacity change from 0 to 256 [ 1194.060435][T32656] loop1: detected capacity change from 0 to 1024 [ 1194.084056][T32660] exfat: Deprecated parameter 'namecase' [ 1194.212708][T32660] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf4419509, utbl_chksum : 0xe619d30d) [ 1194.952902][ T4314] usb 4-1: new full-speed USB device number 95 using dummy_hcd [ 1195.067645][T32690] loop4: detected capacity change from 0 to 256 [ 1195.094356][T32690] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 1195.160691][ T4314] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1195.194532][ T4314] usb 4-1: config 0 interface 0 has no altsetting 0 [ 1195.234119][ T4314] usb 4-1: New USB device found, idVendor=0b48, idProduct=3007, bcdDevice=4f.64 [ 1195.250909][ T4314] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 1195.284434][ T4314] usb 4-1: Product: syz [ 1195.288635][ T4314] usb 4-1: Manufacturer: syz [ 1195.317143][ T4314] usb 4-1: SerialNumber: syz [ 1195.356301][ T4314] usb 4-1: config 0 descriptor?? [ 1195.379586][ T4314] dvb-usb: found a 'Technotrend TT Connect S2-3600' in warm state. [ 1195.395245][ T4314] pctv452e: pctv452e_power_ctrl: 1 [ 1195.395245][ T4314] [ 1195.593744][ T4314] pctv452e: pctv452e_power_ctrl: Warning set interface returned: -71 [ 1195.593744][ T4314] [ 1195.616074][ T4314] dvb-usb: bulk message failed: -22 (5/0) [ 1195.649027][ T4314] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 1195.691842][ T4314] dvb-usb: Technotrend TT Connect S2-3600 error while loading driver (-19) [ 1195.753442][ T4314] usb 4-1: USB disconnect, device number 95 [ 1196.097102][ T26] audit: type=1400 audit(1777396296.849:267): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=32731 comm="syz.2.12404" [ 1196.636293][T32757] loop1: detected capacity change from 0 to 256 [ 1196.698420][T32757] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x190b464b, utbl_chksum : 0xe619d30d) [ 1197.043200][ T309] loop3: detected capacity change from 0 to 16 [ 1197.080384][ T309] erofs: (device loop3): mounted with root inode @ nid 36. [ 1197.351377][ T319] netlink: 276 bytes leftover after parsing attributes in process `syz.4.12431'. [ 1197.532096][ T328] netlink: 'syz.1.12435': attribute type 1 has an invalid length. [ 1197.548341][ T330] loop3: detected capacity change from 0 to 256 [ 1197.577791][ T330] exfat: Deprecated parameter 'utf8' [ 1197.605045][ T333] netlink: 'syz.4.12438': attribute type 11 has an invalid length. [ 1197.624933][ T330] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe0a6470d, utbl_chksum : 0xe619d30d) [ 1197.672247][ T333] netlink: 28 bytes leftover after parsing attributes in process `syz.4.12438'. [ 1198.308930][ T364] netlink: 28 bytes leftover after parsing attributes in process `syz.4.12452'. [ 1198.331412][ T363] loop1: detected capacity change from 0 to 1024 [ 1198.485658][ T9] hfsplus: b-tree write err: -5, ino 25 [ 1198.491397][ T9] hfsplus: b-tree write err: -5, ino 4 [ 1198.536050][ T9] hfsplus: b-tree write err: -5, ino 2 [ 1198.890444][ T384] loop5: detected capacity change from 0 to 1024 [ 1199.029483][ T384] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 1199.065585][T23280] Bluetooth: hci0: unexpected event for opcode 0x2005 [ 1199.307083][ T403] loop1: detected capacity change from 0 to 512 [ 1199.379032][ T403] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 1199.430193][ T403] UDF-fs: error (device loop1): udf_read_inode: (ino 19) failed ident=264 [ 1199.839893][ T26] audit: type=1326 audit(1777396300.345:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=420 comm="syz.3.12482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448c79cdd9 code=0x7ffc0000 [ 1199.893402][ T26] audit: type=1326 audit(1777396300.364:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=420 comm="syz.3.12482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7f448c79cdd9 code=0x7ffc0000 [ 1199.969974][ T26] audit: type=1326 audit(1777396300.364:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=420 comm="syz.3.12482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f448c79cdd9 code=0x7ffc0000 [ 1200.010230][T23802] EXT4-fs (loop5): unmounting filesystem. [ 1200.453577][ T446] netlink: 'syz.5.12490': attribute type 10 has an invalid length. [ 1200.483963][ T446] wlan1: mtu less than device minimum [ 1200.489380][ T446] bond0: (slave wlan1): Error -22 calling dev_set_mtu [ 1200.597841][ T452] loop4: detected capacity change from 0 to 16 [ 1200.624133][ T452] erofs: (device loop4): mounted with root inode @ nid 36. [ 1200.961166][ T469] netlink: 'syz.1.12503': attribute type 2 has an invalid length. [ 1200.976922][ T469] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 1201.480204][ T495] loop1: detected capacity change from 0 to 64 [ 1201.910794][ T515] loop1: detected capacity change from 0 to 64 [ 1202.141561][ T4318] usb 5-1: new high-speed USB device number 112 using dummy_hcd [ 1202.208381][ T530] netlink: 'syz.1.12534': attribute type 1 has an invalid length. [ 1202.355491][ T4318] usb 5-1: Using ep0 maxpacket: 16 [ 1202.370017][ T4318] usb 5-1: config 0 has an invalid interface number: 8 but max is 0 [ 1202.410682][ T4318] usb 5-1: config 0 has no interface number 0 [ 1202.420092][ T4318] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1202.447569][ T4318] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 1202.479118][ T4318] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 1202.479146][ T4318] usb 5-1: Product: syz [ 1202.500849][ T4318] usb 5-1: SerialNumber: syz [ 1202.509722][ T4318] usb 5-1: config 0 descriptor?? [ 1202.513432][ T4318] cm109 5-1:0.8: invalid payload size 208, expected 4 [ 1202.514510][ T4318] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.8/input/input86 [ 1202.986054][ C1] cm109 5-1:0.8: cm109_urb_irq_callback: urb status -71 [ 1202.993051][ C1] ------------[ cut here ]------------ [ 1202.994917][ T4317] usb 5-1: USB disconnect, device number 112 [ 1202.999405][ C1] URB ffff88801df92900 submitted while active [ 1203.012127][ C1] WARNING: CPU: 1 PID: 3637 at drivers/usb/core/urb.c:379 usb_submit_urb+0xff9/0x1920 [ 1203.021727][ C1] Modules linked in: [ 1203.025640][ C1] CPU: 1 PID: 3637 Comm: udevd Not tainted syzkaller #0 [ 1203.032599][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1203.042718][ C1] RIP: 0010:usb_submit_urb+0xff9/0x1920 [ 1203.048273][ C1] Code: ad 2e 8b 89 ea e8 fa e9 ff 03 e9 f7 fb ff ff e8 ad 9b 5b fb c6 05 60 b2 e4 07 01 48 c7 c7 e0 ab 2e 8b 48 89 de e8 77 0b 27 fb <0f> 0b e9 7d f0 ff ff e8 8b 9b 5b fb eb 21 e8 84 9b 5b fb 44 8b 6c [ 1203.067881][ C1] RSP: 0018:ffffc900001e0840 EFLAGS: 00010046 [ 1203.073948][ C1] RAX: 7fb19662cd181200 RBX: ffff88801df92900 RCX: 0000000000040000 [ 1203.081917][ C1] RDX: ffffc90002302000 RSI: 000000000003bc0f RDI: 000000000003bc10 [ 1203.089887][ C1] RBP: 000000000000000f R08: ffff8880b8f279db R09: 1ffff110171e4f3b [ 1203.097856][ C1] R10: dffffc0000000000 R11: ffffed10171e4f3c R12: dffffc0000000000 [ 1203.105826][ C1] R13: 0000000000000a20 R14: ffff88801df92908 R15: ffff8880239d7048 [ 1203.113816][ C1] FS: 00007f02b7b59880(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 1203.122765][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1203.129355][ C1] CR2: 00007f448d5456b8 CR3: 000000002930a000 CR4: 00000000003506e0 [ 1203.137339][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1203.145312][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1203.153285][ C1] Call Trace: [ 1203.156563][ C1] [ 1203.159411][ C1] ? _raw_spin_lock+0x40/0x40 [ 1203.164098][ C1] ? do_raw_spin_unlock+0x11d/0x230 [ 1203.169304][ C1] cm109_urb_irq_callback+0x701/0xc70 [ 1203.174694][ C1] __usb_hcd_giveback_urb+0x35f/0x520 [ 1203.180081][ C1] dummy_timer+0x8d0/0x3330 [ 1203.184609][ C1] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 1203.190598][ C1] ? lock_chain_count+0x20/0x20 [ 1203.195463][ C1] ? dummy_free_streams+0x530/0x530 [ 1203.200674][ C1] __hrtimer_run_queues+0x54a/0xd50 [ 1203.205885][ C1] ? dummy_free_streams+0x530/0x530 [ 1203.211093][ C1] ? hrtimer_interrupt+0x9c0/0x9c0 [ 1203.216206][ C1] ? ktime_get_update_offsets_now+0x3ce/0x3e0 [ 1203.222280][ C1] hrtimer_run_softirq+0x183/0x2a0 [ 1203.227396][ C1] handle_softirqs+0x2a1/0x930 [ 1203.232163][ C1] ? __irq_exit_rcu+0x13b/0x230 [ 1203.237017][ C1] ? do_softirq+0x210/0x210 [ 1203.241525][ C1] __irq_exit_rcu+0x13b/0x230 [ 1203.246199][ C1] ? irq_exit_rcu+0x20/0x20 [ 1203.250706][ C1] irq_exit_rcu+0x5/0x20 [ 1203.254945][ C1] sysvec_apic_timer_interrupt+0xa0/0xc0 [ 1203.260579][ C1] [ 1203.263505][ C1] [ 1203.266431][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 1203.272414][ C1] RIP: 0010:debug_lockdep_rcu_enabled+0x9/0x30 [ 1203.278571][ C1] Code: c0 0f 8c 8a 48 c7 c6 a0 33 8c 8a e8 91 e9 1f f7 0f 0b eb d1 00 00 cc cc 00 00 cc cc 00 00 cc cc 00 31 c0 83 3d 97 f9 f1 03 00 <74> 1d 83 3d 22 2d f2 03 00 74 14 65 48 8b 0d 74 73 d4 75 31 c0 83 [ 1203.298177][ C1] RSP: 0018:ffffc900032d7a58 EFLAGS: 00000202 [ 1203.304244][ C1] RAX: 0000000000000000 RBX: 1ffff9200065af54 RCX: 0000000000000000 [ 1203.312214][ C1] RDX: 0000000000000000 RSI: 000000000000000e RDI: ffffffff8aded180 [ 1203.320182][ C1] RBP: ffffc900032d7b68 R08: ffffc900032d7c77 R09: ffffc900032d7c40 [ 1203.328149][ C1] R10: dffffc0000000000 R11: fffff5200065af8f R12: dffffc0000000000 [ 1203.336124][ C1] R13: dffffc0000000000 R14: ffffffff8aded180 R15: 0000000000000000 [ 1203.344106][ C1] __might_resched+0x86/0x630 [ 1203.348791][ C1] ? __might_sleep+0xd0/0xd0 [ 1203.353382][ C1] ? __mutex_unlock_slowpath+0x1b0/0x6c0 [ 1203.359021][ C1] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 1203.365012][ C1] ? mutex_unlock+0x10/0x10 [ 1203.369521][ C1] ? lock_chain_count+0x20/0x20 [ 1203.374381][ C1] __might_fault+0x6d/0x120 [ 1203.378890][ C1] _copy_from_user+0x27/0x170 [ 1203.383577][ C1] ___sys_recvmsg+0x172/0x590 [ 1203.388268][ C1] ? __sys_recvmsg+0x290/0x290 [ 1203.393070][ C1] __x64_sys_recvmsg+0x205/0x2e0 [ 1203.398017][ C1] ? ___sys_recvmsg+0x590/0x590 [ 1203.402882][ C1] ? lockdep_hardirqs_on+0x94/0x140 [ 1203.408081][ C1] do_syscall_64+0x4c/0xa0 [ 1203.412503][ C1] ? clear_bhb_loop+0x60/0xb0 [ 1203.417182][ C1] ? clear_bhb_loop+0x60/0xb0 [ 1203.421862][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1203.427759][ C1] RIP: 0033:0x7f02b74a7407 [ 1203.432174][ C1] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff [ 1203.451775][ C1] RSP: 002b:00007ffd8b28eb30 EFLAGS: 00000202 ORIG_RAX: 000000000000002f [ 1203.460186][ C1] RAX: ffffffffffffffda RBX: 00007f02b7b59880 RCX: 00007f02b74a7407 [ 1203.468156][ C1] RDX: 0000000000000040 RSI: 00007ffd8b28ec50 RDI: 0000000000000009 [ 1203.476124][ C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1203.484091][ C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1203.492064][ C1] R13: 00005624bd788100 R14: 0000000000000000 R15: 0000000000000000 [ 1203.500047][ C1] [ 1203.503062][ C1] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1203.510331][ C1] CPU: 1 PID: 3637 Comm: udevd Not tainted syzkaller #0 [ 1203.517260][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1203.527307][ C1] Call Trace: [ 1203.530580][ C1] [ 1203.533416][ C1] dump_stack_lvl+0x188/0x24e [ 1203.538099][ C1] ? memcpy+0x3c/0x60 [ 1203.542078][ C1] ? show_regs_print_info+0x12/0x12 [ 1203.547282][ C1] ? load_image+0x400/0x400 [ 1203.551794][ C1] panic+0x2e5/0x730 [ 1203.555694][ C1] ? bpf_jit_dump+0xd0/0xd0 [ 1203.560203][ C1] __warn+0x2f8/0x4f0 [ 1203.564182][ C1] ? usb_submit_urb+0xff9/0x1920 [ 1203.569121][ C1] ? usb_submit_urb+0xff9/0x1920 [ 1203.574053][ C1] report_bug+0x2ba/0x4f0 [ 1203.578386][ C1] ? usb_submit_urb+0xff9/0x1920 [ 1203.583323][ C1] handle_bug+0x3a/0x70 [ 1203.587482][ C1] exc_invalid_op+0x16/0x40 [ 1203.591994][ C1] asm_exc_invalid_op+0x16/0x20 [ 1203.596847][ C1] RIP: 0010:usb_submit_urb+0xff9/0x1920 [ 1203.602391][ C1] Code: ad 2e 8b 89 ea e8 fa e9 ff 03 e9 f7 fb ff ff e8 ad 9b 5b fb c6 05 60 b2 e4 07 01 48 c7 c7 e0 ab 2e 8b 48 89 de e8 77 0b 27 fb <0f> 0b e9 7d f0 ff ff e8 8b 9b 5b fb eb 21 e8 84 9b 5b fb 44 8b 6c [ 1203.621994][ C1] RSP: 0018:ffffc900001e0840 EFLAGS: 00010046 [ 1203.628064][ C1] RAX: 7fb19662cd181200 RBX: ffff88801df92900 RCX: 0000000000040000 [ 1203.636032][ C1] RDX: ffffc90002302000 RSI: 000000000003bc0f RDI: 000000000003bc10 [ 1203.644002][ C1] RBP: 000000000000000f R08: ffff8880b8f279db R09: 1ffff110171e4f3b [ 1203.651972][ C1] R10: dffffc0000000000 R11: ffffed10171e4f3c R12: dffffc0000000000 [ 1203.659938][ C1] R13: 0000000000000a20 R14: ffff88801df92908 R15: ffff8880239d7048 [ 1203.667923][ C1] ? _raw_spin_lock+0x40/0x40 [ 1203.672606][ C1] ? do_raw_spin_unlock+0x11d/0x230 [ 1203.677803][ C1] cm109_urb_irq_callback+0x701/0xc70 [ 1203.683190][ C1] __usb_hcd_giveback_urb+0x35f/0x520 [ 1203.688572][ C1] dummy_timer+0x8d0/0x3330 [ 1203.693095][ C1] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 1203.699080][ C1] ? lock_chain_count+0x20/0x20 [ 1203.703940][ C1] ? dummy_free_streams+0x530/0x530 [ 1203.709141][ C1] __hrtimer_run_queues+0x54a/0xd50 [ 1203.714343][ C1] ? dummy_free_streams+0x530/0x530 [ 1203.719543][ C1] ? hrtimer_interrupt+0x9c0/0x9c0 [ 1203.724655][ C1] ? ktime_get_update_offsets_now+0x3ce/0x3e0 [ 1203.730754][ C1] hrtimer_run_softirq+0x183/0x2a0 [ 1203.735873][ C1] handle_softirqs+0x2a1/0x930 [ 1203.740641][ C1] ? __irq_exit_rcu+0x13b/0x230 [ 1203.745488][ C1] ? do_softirq+0x210/0x210 [ 1203.749994][ C1] __irq_exit_rcu+0x13b/0x230 [ 1203.754668][ C1] ? irq_exit_rcu+0x20/0x20 [ 1203.759176][ C1] irq_exit_rcu+0x5/0x20 [ 1203.763411][ C1] sysvec_apic_timer_interrupt+0xa0/0xc0 [ 1203.769043][ C1] [ 1203.771969][ C1] [ 1203.774897][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 1203.780878][ C1] RIP: 0010:debug_lockdep_rcu_enabled+0x9/0x30 [ 1203.787030][ C1] Code: c0 0f 8c 8a 48 c7 c6 a0 33 8c 8a e8 91 e9 1f f7 0f 0b eb d1 00 00 cc cc 00 00 cc cc 00 00 cc cc 00 31 c0 83 3d 97 f9 f1 03 00 <74> 1d 83 3d 22 2d f2 03 00 74 14 65 48 8b 0d 74 73 d4 75 31 c0 83 [ 1203.806630][ C1] RSP: 0018:ffffc900032d7a58 EFLAGS: 00000202 [ 1203.812696][ C1] RAX: 0000000000000000 RBX: 1ffff9200065af54 RCX: 0000000000000000 [ 1203.820664][ C1] RDX: 0000000000000000 RSI: 000000000000000e RDI: ffffffff8aded180 [ 1203.828629][ C1] RBP: ffffc900032d7b68 R08: ffffc900032d7c77 R09: ffffc900032d7c40 [ 1203.836597][ C1] R10: dffffc0000000000 R11: fffff5200065af8f R12: dffffc0000000000 [ 1203.844566][ C1] R13: dffffc0000000000 R14: ffffffff8aded180 R15: 0000000000000000 [ 1203.852545][ C1] __might_resched+0x86/0x630 [ 1203.857227][ C1] ? __might_sleep+0xd0/0xd0 [ 1203.861814][ C1] ? __mutex_unlock_slowpath+0x1b0/0x6c0 [ 1203.867450][ C1] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 1203.873432][ C1] ? mutex_unlock+0x10/0x10 [ 1203.878022][ C1] ? lock_chain_count+0x20/0x20 [ 1203.882898][ C1] __might_fault+0x6d/0x120 [ 1203.887415][ C1] _copy_from_user+0x27/0x170 [ 1203.892103][ C1] ___sys_recvmsg+0x172/0x590 [ 1203.896789][ C1] ? __sys_recvmsg+0x290/0x290 [ 1203.901581][ C1] __x64_sys_recvmsg+0x205/0x2e0 [ 1203.906540][ C1] ? ___sys_recvmsg+0x590/0x590 [ 1203.911408][ C1] ? lockdep_hardirqs_on+0x94/0x140 [ 1203.916612][ C1] do_syscall_64+0x4c/0xa0 [ 1203.921036][ C1] ? clear_bhb_loop+0x60/0xb0 [ 1203.925712][ C1] ? clear_bhb_loop+0x60/0xb0 [ 1203.930390][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1203.936281][ C1] RIP: 0033:0x7f02b74a7407 [ 1203.940691][ C1] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff [ 1203.960301][ C1] RSP: 002b:00007ffd8b28eb30 EFLAGS: 00000202 ORIG_RAX: 000000000000002f [ 1203.968716][ C1] RAX: ffffffffffffffda RBX: 00007f02b7b59880 RCX: 00007f02b74a7407 [ 1203.976684][ C1] RDX: 0000000000000040 RSI: 00007ffd8b28ec50 RDI: 0000000000000009 [ 1203.984651][ C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1203.992619][ C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1204.000587][ C1] R13: 00005624bd788100 R14: 0000000000000000 R15: 0000000000000000 [ 1204.008594][ C1] [ 1204.011936][ C1] Kernel Offset: disabled [ 1204.016365][ C1] Rebooting in 86400 seconds..